| Titel | GRUB2: crafted grub.cfg file can lead to arbitrary code execution during boot process |
|---|
| Beschreibung | In the course of Eclypsium’s analysis, we have identified a buffer overflow vulnerability in the way that GRUB2 parses content from the GRUB2 config file (grub.cfg). Of note: The GRUB2 config file is a text file and typically is not signed like other files and executables. This vulnerability enables arbitrary code execution within GRUB2 and thus control over the booting of the operating system. As a result, an attacker could modify the contents of the GRUB2 configuration file to ensure that attack code is run before the operating system is loaded. In this way, attackers gain persistence on the device.
This vulnerability was assigned CVE-2020-10713 “GRUB2: crafted grub.cfg file can lead to arbitrary code execution during boot process” with a CVSS rating of 8.2 (High) / CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H. |
|---|
| Quelle | ⚠️ https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot |
|---|
| Benutzer | misc (UID 3) |
|---|
| Einreichung | 30.07.2020 07:51 (vor 6 Jahren) |
|---|
| Moderieren | 30.07.2020 08:34 (43 minutes later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 159143 [grub2 Config File Parser grub.cfg BootHole Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|