CVE-2015-8370

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Grub2 versions 1.98 through 2.02

Description The issue is caused by multiple integer underflows that allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption). This can be achieved via backspace characters in the grub username get function in grub-core/normal/auth.c or the grub password get function in lib/crypto.c, triggering an "Off-by-two" or "Out of bounds overwrite" memory error.

Recommendations For Grub2 versions 1.98 through 2.02, as a temporary workaround, consider disabling the grub username get and grub password get functions until a patch is available. Restrict access to the grub-core/normal/auth.c and lib/crypto.c modules to minimize the risk of exploitation. Avoid using backspace characters in the affected functions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191CWE-264

Related Identifiers

ALT-PU-2015-2125

ALT-PU-2020-3534

ALT-PU-2021-3464

BDU:2016-00001

CVE-2015-8370

DLA-368-1

DSA-3421-1

ELSA-2015-2623

MGASA-2015-0480

OPENSUSE-SU-2015_2375-1

OPENSUSE-SU-2016_0036-1

OPENSUSE-SU-2024:10078-1

RHSA-2015:2623

RHSA-2015_2623

SUSE-SU-2015:2385-1

SUSE-SU-2015:2386-1

SUSE-SU-2015:2387-1

SUSE-SU-2015:2399-1

SUSE-SU-2015_2385-1

SUSE-SU-2015_2386-1

SUSE-SU-2015_2387-1

SUSE-SU-2015_2399-1

USN-2836-1

Affected Products

Alt Linux

Grub2

Red Hat

Suse

Ubuntu

CVE-2015-8370

Weakness Enumeration

Related Identifiers

Affected Products

References · 121