CVE-2022-28733 in Grub2informação

Sumário

de MITRE • 20/07/2023

Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

Canonical Ltd.

Reservar

05/04/2022

Divulgação

20/07/2023

Moderação

aceite

Entrada

VDB-235028

CPE

pronto

EPSS

0.01284

KEV

não

Atividades

muito baixo

Fontes

Do you need the next level of professionalism?

Upgrade your account now!