{"containers": {"cna": {"affected": [{"product": "Grub", "vendor": "n/a", "versions": [{"status": "affected", "version": "All grub2 versions before 2.06"}]}], "descriptions": [{"lang": "en", "value": "In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process."}], "problemTypes": [{"descriptions": [{"description": "Integer Overflow or Wraparound leading to Heap-based Buffer Overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-21T11:06:24", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009"}, {"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20200731-0008/"}, {"name": "USN-4432-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4432-1/"}, {"name": "openSUSE-SU-2020:1169", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html"}, {"name": "openSUSE-SU-2020:1168", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html"}, {"name": "GLSA-202104-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202104-05"}, {"name": "[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"}, {"name": "[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"}, {"name": "[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-14308", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Grub", "version": {"version_data": [{"version_value": "All grub2 versions before 2.06"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Integer Overflow or Wraparound leading to Heap-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009"}, {"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"}, {"name": "https://security.netapp.com/advisory/ntap-20200731-0008/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200731-0008/"}, {"name": "USN-4432-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4432-1/"}, {"name": "openSUSE-SU-2020:1169", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html"}, {"name": "openSUSE-SU-2020:1168", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html"}, {"name": "GLSA-202104-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202104-05"}, {"name": "[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"}, {"name": "[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"}, {"name": "[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:39:36.360Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009"}, {"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20200731-0008/"}, {"name": "USN-4432-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4432-1/"}, {"name": "openSUSE-SU-2020:1169", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html"}, {"name": "openSUSE-SU-2020:1168", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html"}, {"name": "GLSA-202104-05", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202104-05"}, {"name": "[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"}, {"name": "[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"}, {"name": "[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-14308", "datePublished": "2020-07-29T19:03:41", "dateReserved": "2020-06-17T00:00:00", "dateUpdated": "2024-08-04T12:39:36.360Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F8D62F-70BB-4718-A095-D68540C17EEA", "versionEndExcluding": "2.06", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process."}, {"lang": "es", "value": "En grub2 versiones anteriores a 2.06, el asignador de memoria grub no comprueba posibles desbordamientos aritm\u00e9ticos en el tama\u00f1o de asignaci\u00f3n solicitada. Esto conlleva a la funci\u00f3n a devolver asignaciones de memoria no v\u00e1lidas que puedan ser usadas para causar posibles impactos de integridad, confidencialidad y disponibilidad durante el proceso de arranque"}], "id": "CVE-2020-14308", "lastModified": "2022-04-18T15:22:28.780", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-29T20:15:12.397", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-05"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200731-0008/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4432-1/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Chris Coulson (Ubuntu Security Team) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:3217", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "fwupdate-0:12-6.el7_8", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3217", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "grub2-1:2.02-0.86.el7_8", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3217", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "shim-0:15-7.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3217", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "shim-signed-0:15-7.el7_8", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3273", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "grub2-1:2.02-0.86.el7_2", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3273", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3273", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "shim-signed-0:15-8.el7_2", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "grub2-1:2.02-0.86.el7", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "shim-signed-0:15-8.el7_3", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_tus:7.3", "package": "grub2-1:2.02-0.86.el7", "product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_tus:7.3", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_tus:7.3", "package": "shim-signed-0:15-8.el7_3", "product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_e4s:7.3", "package": "grub2-1:2.02-0.86.el7", "product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_e4s:7.3", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3276", "cpe": "cpe:/o:redhat:rhel_e4s:7.3", "package": "shim-signed-0:15-8.el7_3", "product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "fwupdate-0:9-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "grub2-1:2.02-0.86.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "shim-signed-0:15-8.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "fwupdate-0:9-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "grub2-1:2.02-0.86.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "shim-signed-0:15-8.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "fwupdate-0:9-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "grub2-1:2.02-0.86.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3275", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "shim-signed-0:15-8.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3271", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "fwupdate-0:12-6.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3271", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "grub2-1:2.02-0.86.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3271", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3271", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "shim-signed-0:15-8.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3274", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "fwupdate-0:12-6.el7_7", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3274", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "grub2-1:2.02-0.86.el7_7", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3274", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "shim-0:15-8.el7", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3274", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "shim-signed-0:15-8.el7_7", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-08-03T00:00:00Z"}, {"advisory": "RHSA-2020:3216", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "fwupd-0:1.1.4-7.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3216", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "grub2-1:2.02-87.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3216", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "shim-0:15-14.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3216", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "shim-unsigned-x64-0:15-7.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3227", "cpe": "cpe:/o:redhat:rhel_e4s:8.0", "package": "fwupd-0:1.1.4-2.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3227", "cpe": "cpe:/o:redhat:rhel_e4s:8.0", "package": "grub2-1:2.02-87.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3227", "cpe": "cpe:/o:redhat:rhel_e4s:8.0", "package": "shim-0:15-14.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3223", "cpe": "cpe:/o:redhat:rhel_eus:8.1", "package": "fwupd-0:1.1.4-2.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3223", "cpe": "cpe:/o:redhat:rhel_eus:8.1", "package": "grub2-1:2.02-87.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3223", "cpe": "cpe:/o:redhat:rhel_eus:8.1", "package": "shim-0:15-14.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-07-29T00:00:00Z"}, {"advisory": "RHSA-2020:3223", "cpe": "cpe:/o:redhat:rhel_eus:8.1", "package": "shim-unsigned-x64-0:15-7.el8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-07-29T00:00:00Z"}], "bugzilla": {"description": "grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow", "id": "1852009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852009"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190->CWE-122", "details": ["In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.", "A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based overflows in several code paths. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability."], "name": "CVE-2020-14308", "public_date": "2020-07-29T17:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-14308\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-14308"], "threat_severity": "Moderate", "upstream_fix": "grub 2.06"}