NewStart CGSL CORE 5.05 / MAIN 5.05 : grub2 Multiple Vulnerabilities (NS-SA-2021-0139)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw...

USN-5057-1: Squashfs-Tools vulnerability

Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

PT-2020-3621 · Gnu +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: Grub2 versions prior to 2.06 Description: The issue is related to an integer overflow of the UINT32 value, which can allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. Specifically, the...