PT-2023-8571 · Grub2+10 · Grub2+10

Daniel Axtens

·

Publicado

2022-06-07

·

Atualizado

2024-09-05

·

CVE-2022-28734

CVSS v3.1

8.1

Alta

VetorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions GRUB2 (affected versions not specified)
Description The issue is related to an out-of-bounds write when handling split HTTP headers. When GRUB2's HTTP code processes split HTTP headers, it accidentally moves its internal data buffer point by one position, potentially leading to an out-of-bound write when parsing the HTTP request. This can result in writing a NULL byte past the buffer, which may allow an attacker to corrupt GRUB2's internal memory metadata. The vulnerability can be exploited by a remote attacker to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALSA-2022:5095
ALSA-2022:5099
ALT-PU-2023-1427
ALT-PU-2023-6074
ALT-PU-2024-11222
AZL-27552
AZL-34789
BDU:2024-01201
CESA-2022_5095
CVE-2022-28734
OESA-2022-1734
OPENSUSE-SU-2022_2035-1
OPENSUSE-SU-2022_2064-1
OPENSUSE-SU-2024:12137-1
RHSA-2022:5095
RHSA-2022:5096
RHSA-2022:5098
RHSA-2022:5099
RHSA-2022:5100
RHSA-2022_5095
RHSA-2022_5099
RLSA-2022:5095
RLSA-2022:5099
ROSA-SA-2024-2349
SUSE-SU-2022:2035-1
SUSE-SU-2022:2036-1
SUSE-SU-2022:2037-1
SUSE-SU-2022:2038-1
SUSE-SU-2022:2039-1
SUSE-SU-2022:2041-1
SUSE-SU-2022:2064-1
SUSE-SU-2022:2073-1
SUSE-SU-2022:2074-1
USN-6355-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Grub2
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu