A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

Grub2: fs/ufs: oob write in the heap

A flaw was found in grub2. When reading a symbolic link's name from a ...

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

Уязвимость файловой системы UFS загрузчика операционных систем Grub2, позволяющая нарушителю обойти механизм безопасной загрузки

Moderate: grub2 security update

ELSA-2025-16154: grub2 security update (MODERATE)

ELSA-2025-6990: grub2 security update (MODERATE)

Security update for grub2

Security update for grub2

Security update for grub2

Security update for grub2

Security update for grub2

Множественные уязвимости grub2-common