Skip to main content

Grub

2 CVEs product

Monthly

CVE-2023-4949 MEDIUM PATCH This Month

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Grub Xen
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2013-4577 LOW PATCH Monitor

A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Debian Privilege Escalation Grub
NVD
CVSS 2.0
2.1
EPSS
0.2%
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Grub Xen
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Debian Privilege Escalation Grub
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy