Описание
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a maliciously configured USB device during the boot sequence to trigger this issue. A successful exploitation may lead GRUB to crash, leading to a Denial of Service. Data corruption may be also possible, although given the complexity of the exploit the impact is most likely limited.
Отчет
This vulnerability was rated as having the impact of Moderate by the Red Hat Product Security Engineering team. To exploit this flaw the attacker needs to have physical access to the machine and connect a maliciously crafted USB device which will leverage the lack of string size validation to cause a out-of-bounds write when reading strings from it. Even though the existence of a possible out-of-bounds write, given the complexity of producing the exploit, the impact is most likely limited to leading grub to crash causing a Denial-of-Service kind of attack or uncontrolled data corruption which presents a Low impact in the Integrity point of the CIA triad in the CVSS scoring.
Меры по смягчению последствий
As a mitigation Red Hat doesn't recommend to connect untrusted or unknown USB devices to the machine.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | grub2 | Fix deferred | ||
| Red Hat Enterprise Linux 7 | grub2 | Fix deferred | ||
| Red Hat Enterprise Linux 8 | grub2 | Fix deferred | ||
| Red Hat Enterprise Linux 9 | grub2 | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | rhcos | Fix deferred |
Показывать по
Дополнительная информация
Статус:
4.8 Medium
CVSS3
Связанные уязвимости
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a maliciously configured USB device during the boot sequence to trigger this issue. A successful exploitation may lead GRUB to crash, leading to a Denial of Service. Data corruption may be also possible, although given the complexity of the exploit the impact is most likely limited.
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a maliciously configured USB device during the boot sequence to trigger this issue. A successful exploitation may lead GRUB to crash, leading to a Denial of Service. Data corruption may be also possible, although given the complexity of the exploit the impact is most likely limited.
Grub2: grub2: out-of-bounds write via malicious usb device
A vulnerability has been identified in the GRUB (Grand Unified Bootloa ...
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a maliciously configured USB device during the boot sequence to trigger this issue. A successful exploitation may lead GRUB to crash, leading to a Denial of Service. Data corruption may be also possible, although given the complexity of the exploit the impact is most likely limited.
4.8 Medium
CVSS3