---

CVE-2020-27749 - log back

CVE-2020-27749 edited at 02 Mar 2021 23:18:26
References	https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html + https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=4ea7bae51f97e49c84dc67ea30b466ca8633b9f6

CVE-2020-27749 edited at 02 Mar 2021 18:17:58
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1kB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution. An attacker may use this to circumvent Secure Boot protections.
References	+ https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
Notes

CVE-2020-27749 created at 02 Mar 2021 18:10:44