6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
A flaw was found in grub2 in versions prior to 2.06. Variable names present
are expanded in the supplied command line into their corresponding variable
contents, using a 1kB stack buffer for temporary storage, without
sufficient bounds checking. If the function is called with a command line
that references a variable with a sufficiently large payload, it is
possible to overflow the stack buffer, corrupt the stack frame and control
execution which could also circumvent Secure Boot protections. The highest
threat from this vulnerability is to data confidentiality and integrity as
well as system availability.
Author | Note |
---|---|
sbeattie | grub2-unsigned will contain fixes and supersede grub2, which will contain only BIOS grub bits. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | grub2-signed | <Â 1.167~18.04.5 | UNKNOWN |
ubuntu | 20.04 | noarch | grub2-signed | <Â 1.167.2 | UNKNOWN |
ubuntu | 20.10 | noarch | grub2-signed | <Â 1.167.2 | UNKNOWN |
ubuntu | 21.04 | noarch | grub2-signed | <Â 1.164 | UNKNOWN |
ubuntu | 21.10 | noarch | grub2-signed | <Â 1.169 | UNKNOWN |
ubuntu | 14.04 | noarch | grub2-signed | <Â any | UNKNOWN |
ubuntu | 16.04 | noarch | grub2-signed | <Â 1.164 | UNKNOWN |
ubuntu | 18.04 | noarch | grub2-unsigned | <Â 2.04-1ubuntu44.1.2 | UNKNOWN |
ubuntu | 20.04 | noarch | grub2-unsigned | <Â 2.04-1ubuntu44.2 | UNKNOWN |
ubuntu | 20.10 | noarch | grub2-unsigned | <Â 2.04-1ubuntu44.2 | UNKNOWN |
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%