CVE-2020-25647 - log back

CVE-2020-25647 edited at 02 Mar 2021 23:19:08
References
https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
+ https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=128c16a682034263eb519c89bc0934eeb6fa8cfa
CVE-2020-25647 edited at 02 Mar 2021 18:56:27
Description
- grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to fill in some USB data structures. grub_usb_device_initialize() performs very little bounds checking and simply assumes the USB device provides sane values. This behavior can trigger memory corruption. If properly exploited, this would lead to arbitrary code execution allowing the attacker to bypass Secure Boot mechanism.
+ grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to fill in some USB data structures. grub_usb_device_initialize() performs very little bounds checking and simply assumes the USB device provides sane values. This behavior can trigger memory corruption. If properly exploited, this would lead to arbitrary code execution allowing the attacker to bypass the Secure Boot mechanism.
CVE-2020-25647 edited at 02 Mar 2021 18:51:25
Description
- grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to fill in some USB data structures. grub_usb_device_initialize() performs very little bounds checking and simply assumes the USB device provides sane values. This behavior can trigger memory corruption. If properly exploited, this would lead to arbitrary code execution allowing the attacker to by-pass Secure Boot mechanism.
+ grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to fill in some USB data structures. grub_usb_device_initialize() performs very little bounds checking and simply assumes the USB device provides sane values. This behavior can trigger memory corruption. If properly exploited, this would lead to arbitrary code execution allowing the attacker to bypass Secure Boot mechanism.
CVE-2020-25647 edited at 02 Mar 2021 18:17:10
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ grub_usb_device_initialize() is called to handle USB device initialization. It reads out the descriptors it needs from the USB device and uses that data to fill in some USB data structures. grub_usb_device_initialize() performs very little bounds checking and simply assumes the USB device provides sane values. This behavior can trigger memory corruption. If properly exploited, this would lead to arbitrary code execution allowing the attacker to by-pass Secure Boot mechanism.
References
+ https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
Notes
CVE-2020-25647 created at 02 Mar 2021 18:10:44