Описание
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | does not affect Secure Boot |
| esm-infra-legacy/trusty | ignored | update incompatible with kernel |
| esm-infra/bionic | not-affected | does not affect Secure Boot |
| esm-infra/focal | not-affected | does not affect Secure Boot |
| esm-infra/xenial | not-affected | does not affect Secure Boot |
| focal | not-affected | does not affect Secure Boot |
| jammy | not-affected | does not affect Secure Boot |
| mantic | not-affected | does not affect Secure Boot |
| noble | not-affected | does not affect Secure Boot |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 1.202 |
| esm-infra-legacy/trusty | ignored | update incompatible with kernel |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| mantic | ignored | end of life, was needed |
| noble | released | 1.202 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 2.12-1ubuntu7 |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| mantic | ignored | end of life, was needed |
| noble | released | 2.12-1ubuntu7 |
| oracular | released | 2.12-1ubuntu7 |
Показывать по
Ссылки на источники
EPSS
6.7 Medium
CVSS3
Связанные уязвимости
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
GRUB2 does not call the module fini functions on exit, leading to Debi ...
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
EPSS
6.7 Medium
CVSS3