PT-2022-5491 · Grub2+11 · Grub2+11

Daniel Axtens

·

Published

2022-11-15

·

Updated

2024-09-05

·

CVE-2022-3775

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions grub2 (affected versions not specified)
Description The issue arises when rendering certain unicode sequences, as grub2's font code does not properly validate if the informed glyph's width and height is constrained within bitmap size. This allows an attacker to craft an input that leads to an out-of-bounds write into grub2's heap, resulting in memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out. The vulnerability can be exploited by remote attackers to execute arbitrary code and impact the system.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:0049
ALSA-2023:0752
ALT-PU-2023-1427
ALT-PU-2023-5782
ALT-PU-2023-6074
ALT-PU-2024-11222
AZL-12079
AZL-34792
BDU:2022-06820
CESA-2023_0049
CVE-2022-3775
DLA-3190-1
DLA-3190-2
DSA-5280-1
OESA-2022-2118
OPENSUSE-SU-2022_4141-1
OPENSUSE-SU-2022_4219-1
OPENSUSE-SU-2024:12517-1
RHSA-2022:8494
RHSA-2022:8800
RHSA-2022:8978
RHSA-2023:0047
RHSA-2023:0048
RHSA-2023:0049
RHSA-2023:0752
RHSA-2023_0049
RHSA-2023_0752
RLSA-2023:0049
RLSA-2023:0752
ROSA-SA-2024-2348
ROSA-SA-2024-2461
SUSE-SU-2022:4140-1
SUSE-SU-2022:4141-1
SUSE-SU-2022:4142-1
SUSE-SU-2022:4143-1
SUSE-SU-2022:4144-1
SUSE-SU-2022:4218-1
SUSE-SU-2022:4219-1
SUSE-SU-2022:4302-1
SUSE-SU-2023:1701-1
USN-6355-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Windows
Grub2