PT-2020-6593 · Grub2+8 · Grub2+8

Published

2020-10-09

·

Updated

2024-06-15

·

CVE-2020-25647

CVSS v3.1

7.6

High

VectorAV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions grub2 versions prior to 2.06
Description A flaw was found in grub2 during USB device initialization, where descriptors are read with very little bounds checking, assuming the USB device provides sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution, allowing a bypass of the Secure Boot mechanism. The highest threat from this issue is to data confidentiality and integrity as well as system availability.
Recommendations For versions prior to 2.06, update to version 2.06 or later to resolve the issue. As a temporary workaround, consider restricting access to USB devices during the boot process to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2021:1734
ALT-PU-2021-1969
ALT-PU-2021-3464
AZL-6462
BDU:2022-00337
CESA-2021_0696
CESA-2021_1734
CESA-2021_2566
CVE-2020-25647
DSA-4867-1
MGASA-2021-0315
OESA-2021-1095
OPENSUSE-SU-2021:0462-1
OPENSUSE-SU-2021_0462-1
OPENSUSE-SU-2024:10824-1
RHSA-2021:0696
RHSA-2021:0697
RHSA-2021:0698
RHSA-2021:0699
RHSA-2021:0700
RHSA-2021:0701
RHSA-2021:0702
RHSA-2021:0703
RHSA-2021:0704
RHSA-2021:1734
RHSA-2021:2566
RHSA-2021:2790
RHSA-2021:3675
RHSA-2021_0696
RHSA-2021_0699
RHSA-2021_1734
RHSA-2021_2566
RLSA-2021:1734
RLSA-2021:2566
SUSE-SU-2021:0679-1
SUSE-SU-2021:0681-1
SUSE-SU-2021:0682-1
SUSE-SU-2021:0683-1
SUSE-SU-2021:0684-1
SUSE-SU-2021:0685-1
SUSE-SU-2021:14659-1
SUSE-SU-2021_14659-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Red Hat
Red Os
Rocky Linux
Suse
Grub2