| CVE-2022-28737 |
Medium |
No |
Arbitrary code execution |
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables. The handle_image() function takes into account... |
| CVE-2022-28736 |
Medium |
No |
Arbitrary code execution |
There's a use-after-free vulnerability in grub_cmd_chainloader() function. The chainloader command is used to boot up operating systems that doesn't support... |
| CVE-2022-28735 |
Medium |
No |
Insufficient validation |
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to... |
| CVE-2022-28734 |
High |
Yes |
Unknown |
When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write... |
| CVE-2022-28733 |
High |
Yes |
Arbitrary code execution |
A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances... |
| CVE-2021-3697 |
High |
No |
Arbitrary code execution |
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user controlled data to be written in heap. To be successfully... |
| CVE-2021-3696 |
Medium |
No |
Arbitrary code execution |
A heap out-of-bounds write may happen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space.... |
| CVE-2021-3695 |
High |
No |
Arbitrary code execution |
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data... |