CVE-2023-4949 - Vulnerability Details - OpenCVE

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00035.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu Subscribe	Grub Subscribe
Xen Subscribe	Xen Subscribe

Configuration 1 [-]

cpe:2.3:a:gnu:grub:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-54785	An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://xenbits.xenproject.org/xsa/advisory-443.html

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Google

Published: 2023-11-10T16:57:03.311Z

Updated: 2024-09-03T17:29:10.425Z

Reserved: 2023-09-13T15:42:48.056Z

Link: CVE-2023-4949

Vulnrichment

Updated: 2024-08-02T07:44:53.355Z

NVD

Status : Modified

Published: 2023-11-10T17:15:07.570

Modified: 2024-11-21T08:36:19.817

Link: CVE-2023-4949

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4949", "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "state": "PUBLISHED", "assignerShortName": "Google", "dateReserved": "2023-09-13T15:42:48.056Z", "datePublished": "2023-11-10T16:57:03.311Z", "dateUpdated": "2024-09-03T17:29:10.425Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Grub-Legacy", "vendor": "Free Software Foundation", "versions": [{"lessThanOrEqual": "0.97", "status": "affected", "version": "0", "versionType": "git"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub\u2019s XFS file system implementation.</span><br>"}], "value": "An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub\u2019s XFS file system implementation.\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}, {"capecId": "CAPEC-92", "descriptions": [{"lang": "en", "value": "CAPEC-92 Forced Integer Overflow"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google", "dateUpdated": "2023-11-10T16:57:03.311Z"}, "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-443.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.355Z"}, "title": "CVE Program Container", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-443.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-03T17:28:54.531573Z", "id": "CVE-2023-4949", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T17:29:10.425Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-443.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.355Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4949", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-03T17:28:54.531573Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T17:29:01.779Z"}}], "cna": {"title": "Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}, {"capecId": "CAPEC-92", "descriptions": [{"lang": "en", "value": "CAPEC-92 Forced Integer Overflow"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Free Software Foundation", "product": "Grub-Legacy", "versions": [{"status": "affected", "version": "0", "versionType": "git", "lessThanOrEqual": "0.97"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-443.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub\u2019s XFS file system implementation.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub\u2019s XFS file system implementation.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google", "dateUpdated": "2023-11-10T16:57:03.311Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4949", "state": "PUBLISHED", "dateUpdated": "2024-09-03T17:29:10.425Z", "dateReserved": "2023-09-13T15:42:48.056Z", "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "datePublished": "2023-11-10T16:57:03.311Z", "assignerShortName": "Google"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:grub:*:*:*:*:*:*:*:*", "matchCriteriaId": "281D0519-A24B-4DE6-8475-73AB48A847A9", "versionEndIncluding": "0.97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFA1950D-1D9F-4401-AA86-CF3028EFD286", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub\u2019s XFS file system implementation.\n"}, {"lang": "es", "value": "Un atacante con acceso local a un sistema (ya sea a trav\u00e9s de un disco o una unidad externa) puede presentar una partici\u00f3n XFS modificada a grub-legacy de tal manera que aproveche una corrupci\u00f3n de memoria en la implementaci\u00f3n del sistema de archivos XFS de grub."}], "id": "CVE-2023-4949", "lastModified": "2024-11-21T08:36:19.817", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "cve-coordination@google.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-10T17:15:07.570", "references": [{"source": "cve-coordination@google.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-443.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-443.html"}], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-190"}], "source": "cve-coordination@google.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}