A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-4867-1 | grub2 security update |
EUVD |
EUVD-2021-7665 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
Ubuntu USN |
USN-4992-1 | GRUB 2 vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-03T17:30:07.623Z
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20225
No data.
Status : Modified
Published: 2021-03-03T17:15:11.973
Modified: 2024-11-21T05:46:09.903
Link: CVE-2021-20225
OpenCVE Enrichment
No data.
Debian DSA
EUVD
Ubuntu USN