| CVE-2021-20233 |
Medium |
No |
Arbitrary code execution |
There's a flaw in GRUB2 menu rendering code setparam_prefix() in the menu rendering code. It performs a length calculation under the assumption that... |
| CVE-2021-20225 |
Medium |
No |
Arbitrary code execution |
The option parser in GRUB2 allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific... |
| CVE-2020-27779 |
Medium |
No |
Access restriction bypass |
The GRUB2's cutmem command does not honor Secure Boot locking. This allows an privileged attacker to remove address ranges from memory creating an... |
| CVE-2020-27749 |
Medium |
No |
Arbitrary code execution |
grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1kB stack... |
| CVE-2020-25647 |
Medium |
No |
Arbitrary code execution |
grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to... |
| CVE-2020-25632 |
Medium |
No |
Arbitrary code execution |
The rmmod implementation for grub2 is flawed, allowing an attacker to unload a module used as a dependency without checking if any other dependent module is... |
| CVE-2020-14372 |
Medium |
No |
Arbitrary code execution |
GRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An attacker with local root privileges can drop a small SSDT in... |