AVG-1629 - grub - Arch Linux
AVG-1629 log
| Package | grub |
| Status | Testing |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2:2.04-10 |
| Fixed | 2:2.06rc1-1 |
| Current |
2:2.06rc1-1 [testing] 2:2.04-10 [core] |
| Ticket | None |
| Created | Tue Mar 2 18:10:44 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-20233 | Medium | No | Arbitrary code execution | There's a flaw in GRUB2 menu rendering code setparam_prefix() in the menu rendering code. It performs a length calculation under the assumption that... |
| CVE-2021-20225 | Medium | No | Arbitrary code execution | The option parser in GRUB2 allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific... |
| CVE-2020-27779 | Medium | No | Access restriction bypass | The GRUB2's cutmem command does not honor Secure Boot locking. This allows an privileged attacker to remove address ranges from memory creating an... |
| CVE-2020-27749 | Medium | No | Arbitrary code execution | grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1kB stack... |
| CVE-2020-25647 | Medium | No | Arbitrary code execution | grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to... |
| CVE-2020-25632 | Medium | No | Arbitrary code execution | The rmmod implementation for grub2 is flawed, allowing an attacker to unload a module used as a dependency without checking if any other dependent module is... |
| CVE-2020-14372 | Medium | No | Arbitrary code execution | GRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An attacker with local root privileges can drop a small SSDT in... |