Связанные уязвимости
redhat
почти 5 лет назад
[REJECTED CVE] The grub2 menu rendering code miscalculate the memory amount to hold single-quoted strings. This lead to a out-of-bounds write in grub2's heap by one byte per quote in the input. This results to a 'write-what-where' scenario which an attacker may leverage to compromise heap integrity and possibly code execution, leading to Secure Boot circumvention. To an attack being successful deployed, the attacker needs to have high privileges into the targeted system and also triage the heap layout to successfully deploy a crafted payload.