Lucene search
PRIOn knowledge basePRION:CVE-2022-28736HistoryJul 20, 2023 - 1:15 a.m.
Design/Logic Flaw
2023-07-2001:15:00
PRIOn knowledge base
www.prio-n.com
10
grub_cmd_chainloader
use-after-free
vulnerability
memory allocation
sensitive data
arbitrary code execution
multiboot
operating systems
grub2
There’s a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn’t support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2’s memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved.
Related
redhatcve
redhatcve
CVE-2022-28736
2022-06-07 17:19:57
ubuntucve
ubuntucve
CVE-2022-28736
2023-07-20 00:00:00
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2022-28736 affecting package grub2 for versions less than 2.06-12
2023-11-08 02:07:28
CVE-2022-28736 affecting package grub2 for versions less than 2.06-14
2024-03-19 17:21:46
nvd
nvd
CVE-2022-28736
2023-07-20 01:15:10
veracode
veracode
Remote Code Execution (RCE)
2022-06-16 04:47:55
cve
cve
CVE-2022-28736
2023-07-20 01:15:10
debiancve
debiancve
CVE-2022-28736
2023-07-20 01:15:10
nessus
nessus
CBL Mariner 2.0 Security Update: grub2 (CVE-2022-28736)
2024-07-03 00:00:00
SUSE SLES12 Security Update : grub2 (SUSE-SU-2022:2038-1)
2022-06-11 00:00:00
EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2022-2318)
2022-09-14 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0643
2023-09-02 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0459
2023-08-28 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2038-1)
2022-06-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2039-1)
2022-06-13 00:00:00
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2318)
2022-09-14 00:00:00
suse
suse
Security update for grub2 (important)
2022-06-10 00:00:00
Security update for grub2 (important)
2022-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: grub2-2.06-11.fc35
2022-06-22 01:25:16
[SECURITY] Fedora 36 Update: grub2-2.06-42.fc36
2022-06-10 01:15:49
oraclelinux
oraclelinux
grub2 security update
2022-06-07 00:00:00
grub2 security update
2022-06-07 00:00:00
grub2 security update
2023-10-27 00:00:00
redos
redos
ROS-20240208-03
2024-02-08 00:00:00
osv
osv
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 13:10:10
almalinux
almalinux
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
redhat
redhat
rocky
rocky
grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 13:10:10
grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 13:17:13
amazon
amazon
Important: grub2
2023-07-17 17:40:00
gentoo
gentoo
GRUB: Multiple Vulnerabilities
2022-09-25 00:00:00
ubuntu
ubuntu
GRUB2 vulnerabilities
2023-09-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2300
2023-12-05 10:31:19
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
avleonov
avleonov