It was discovered that a specially crafted file system image could cause a
heap-based out-of-bounds write. A local attacker could potentially use this
to perform arbitrary code execution bypass and bypass secure boot
protections. (CVE-2023-4692)
It was discovered that a specially crafted file system image could cause an
out-of-bounds read. A physically-present attacker could possibly use this
to leak sensitive information to the GRUB pager. (CVE-2023-4693)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.04 | noarch | grub-efi-amd64 | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-amd64-bin | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-amd64-dbg | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-arm64 | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-arm64-bin | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-arm64-dbg | < 2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-amd64-signed | < 1.193.2+2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | grub-efi-arm64-signed | < 1.193.2+2.06-2ubuntu17.2 | UNKNOWN |
Ubuntu | 22.04 | noarch | grub-efi-amd64 | < 2.06-2ubuntu14.4 | UNKNOWN |
Ubuntu | 22.04 | noarch | grub-efi-amd64-bin | < 2.06-2ubuntu14.4 | UNKNOWN |