Количество 23
Количество 23
BDU:2022-00338
Уязвимость реализации функций загрузчика операционных систем Grub2, позволяющая нарушителю получить доступ к конфиденциальным данным, оказать влияние на целостность данных, а также вызвать отказ в обслуживании
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-27749
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names pr ...
ROS-20220920-01
Множественные уязвимости GRUB
GHSA-258p-xh3c-g68w
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
openSUSE-SU-2021:0462-1
Security update for grub2
SUSE-SU-2021:0685-1
Security update for grub2
SUSE-SU-2021:0684-1
Security update for grub2
SUSE-SU-2021:0683-1
Security update for grub2
SUSE-SU-2021:0682-1
Security update for grub2
SUSE-SU-2021:0681-1
Security update for grub2
SUSE-SU-2021:0679-1
Security update for grub2
RLSA-2021:1734
Moderate: shim security update
ELSA-2021-9077
ELSA-2021-9077: grub2 security update (IMPORTANT)
ELSA-2021-9076
ELSA-2021-9076: grub2 security update (IMPORTANT)
ELSA-2021-2566
ELSA-2021-2566: fwupd security update (MODERATE)
ELSA-2021-0699
ELSA-2021-0699: grub2 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-00338 Уязвимость реализации функций загрузчика операционных систем Grub2, позволяющая нарушителю получить доступ к конфиденциальным данным, оказать влияние на целостность данных, а также вызвать отказ в обслуживании | CVSS3: 6.7 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-27749 A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 6.7 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-27749 A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-27749 A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 6.7 | 0% Низкий | больше 4 лет назад |
 | CVSS3: 6.7 | 0% Низкий | больше 4 лет назад | |
| CVE-2020-27749 A flaw was found in grub2 in versions prior to 2.06. Variable names pr ... | CVSS3: 6.7 | 0% Низкий | больше 4 лет назад |
 | ROS-20220920-01 Множественные уязвимости GRUB | почти 3 года назад | ||
| GHSA-258p-xh3c-g68w A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 6.7 | 0% Низкий | около 3 лет назад |
 | openSUSE-SU-2021:0462-1 Security update for grub2 | около 4 лет назад | ||
| SUSE-SU-2021:0685-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0684-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0683-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0682-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0681-1 Security update for grub2 | больше 4 лет назад | ||
| SUSE-SU-2021:0679-1 Security update for grub2 | больше 4 лет назад | ||
 | RLSA-2021:1734 Moderate: shim security update | около 4 лет назад | ||
| ELSA-2021-9077 ELSA-2021-9077: grub2 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-9076 ELSA-2021-9076: grub2 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-2566 ELSA-2021-2566: fwupd security update (MODERATE) | почти 4 года назад | ||
| ELSA-2021-0699 ELSA-2021-0699: grub2 security update (MODERATE) | больше 4 лет назад |
Уязвимостей на страницу