CVE-2020-27749 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1kB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution. An attacker may use this to circumvent Secure Boot protections.
Group Package Affected Fixed Severity Status Ticket
AVG-1629 grub 2:2.04-10 2:2.06rc1-1 Medium Testing
References
https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=4ea7bae51f97e49c84dc67ea30b466ca8633b9f6