CVE-2021-20225
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD
Description
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Affected (20)
Products: Gnu: Grub2 · Redhat: Enterprise Linux, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Fedoraproject: Fedora · +1 more
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0 | |
| Version 7.2 | |
| Version 7.6 | |
| Version 7.4 | |
| Version 7.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 33 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
References (8)
Source: secalert@redhat.com
Issue TrackingThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.