Количество 23
Количество 23
BDU:2022-00326
Уязвимость реализации протокола безопасной загрузки Secure Boot загрузчика операционных систем Grub2, позволяющая нарушителю получить доступ к конфиденциальным данным, оказать влияние на целостность данных, а также вызвать отказ в обслуживании
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
CVE-2020-14372
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrec ...
ROS-20220920-01
Множественные уязвимости GRUB
GHSA-xh73-rjw5-phcw
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
openSUSE-SU-2021:0462-1
Security update for grub2
SUSE-SU-2021:0685-1
Security update for grub2
SUSE-SU-2021:0684-1
Security update for grub2
SUSE-SU-2021:0683-1
Security update for grub2
SUSE-SU-2021:0682-1
Security update for grub2
SUSE-SU-2021:0681-1
Security update for grub2
SUSE-SU-2021:0679-1
Security update for grub2
RLSA-2021:1734
Moderate: shim security update
ELSA-2021-9077
ELSA-2021-9077: grub2 security update (IMPORTANT)
ELSA-2021-9076
ELSA-2021-9076: grub2 security update (IMPORTANT)
ELSA-2021-2566
ELSA-2021-2566: fwupd security update (MODERATE)
ELSA-2021-0699
ELSA-2021-0699: grub2 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-00326 Уязвимость реализации протокола безопасной загрузки Secure Boot загрузчика операционных систем Grub2, позволяющая нарушителю получить доступ к конфиденциальным данным, оказать влияние на целостность данных, а также вызвать отказ в обслуживании | CVSS3: 7.5 | 1% Низкий | почти 5 лет назад |
 | CVE-2020-14372 A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | CVSS3: 7.5 | 1% Низкий | больше 4 лет назад |
 | CVE-2020-14372 A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | CVSS3: 7.5 | 1% Низкий | больше 4 лет назад |
 | CVE-2020-14372 A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | CVSS3: 7.5 | 1% Низкий | больше 4 лет назад |
 | CVSS3: 7.5 | 1% Низкий | больше 4 лет назад | |
| CVE-2020-14372 A flaw was found in grub2 in versions prior to 2.06, where it incorrec ... | CVSS3: 7.5 | 1% Низкий | больше 4 лет назад |
 | ROS-20220920-01 Множественные уязвимости GRUB | почти 3 года назад | ||
| GHSA-xh73-rjw5-phcw A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | CVSS3: 7.5 | 1% Низкий | около 3 лет назад |
 | openSUSE-SU-2021:0462-1 Security update for grub2 | около 4 лет назад | ||
| SUSE-SU-2021:0685-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0684-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0683-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0682-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0681-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0679-1 Security update for grub2 | больше 4 лет назад | ||
 | RLSA-2021:1734 Moderate: shim security update | около 4 лет назад | ||
| ELSA-2021-9077 ELSA-2021-9077: grub2 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-9076 ELSA-2021-9076: grub2 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-2566 ELSA-2021-2566: fwupd security update (MODERATE) | почти 4 года назад | ||
| ELSA-2021-0699 ELSA-2021-0699: grub2 security update (MODERATE) | больше 4 лет назад |
Уязвимостей на страницу