Lucene search
PRIOn knowledge basePRION:CVE-2023-4693HistoryOct 25, 2023 - 6:17 p.m.
Design/Logic Flaw
2023-10-2518:17:00
PRIOn knowledge base
www.prio-n.com
13
design logic flaw ntfs filesystem driver grub2 attacker memory leak confidentiality risk nvd
An out-of-bounds read flaw was found on grub2’s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
| CPE | Name | Operator | Version |
|---|---|---|---|
| grub2 | lt | 2.12 | |
| enterprise_linux | eq | 8.0 | |
| enterprise_linux | eq | 9.0 |
References
access.redhat.com/security/cve/CVE-2023-4693
bugzilla.redhat.com/show_bug.cgi?id=2238343
dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/
lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html
seclists.org/oss-sec/2023/q4/37
security.gentoo.org/glsa/202311-14
security.netapp.com/advisory/ntap-20231208-0002/
Related
cbl_mariner
cbl_mariner
CVE-2023-4693 affecting package grub2 for versions less than 2.06-18
2024-04-19 22:15:55
CVE-2023-4693 affecting package grub2 for versions less than 2.06-13
2024-03-05 17:52:42
ubuntucve
ubuntucve
CVE-2023-4693
2023-10-03 00:00:00
debiancve
debiancve
CVE-2023-4693
2023-10-25 18:17:41
cvelist
cvelist
CVE-2023-4693 Grub2: out-of-bounds read at fs/ntfs.c
2023-10-25 10:27:29
nvd
nvd
CVE-2023-4693
2023-10-25 18:17:41
nessus
nessus
CBL Mariner 2.0 Security Update: grub2 (CVE-2023-4693)
2024-07-03 00:00:00
Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-408)
2023-11-04 00:00:00
Debian DLA-3605-1 : grub2 - LTS security update
2023-10-05 00:00:00
veracode
veracode
Out-of-bounds Read
2023-10-08 22:49:43
cve
cve
CVE-2023-4693
2023-10-25 18:17:41
redos
redos
ROS-20240405-01
2024-04-05 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1035)
2024-01-05 00:00:00
Debian: Security Advisory (DLA-3605-1)
2023-10-06 00:00:00
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1427)
2024-03-21 00:00:00
osv
osv
grub2-signed, grub2-unsigned vulnerabilities
2023-10-04 01:31:42
grub2 - security update
2023-10-06 00:00:00
grub2 - security update
2023-10-06 00:00:00
amazon
amazon
Important: grub2
2023-10-12 15:08:00
redhatcve
redhatcve
CVE-2023-4692
2023-10-03 18:24:36
CVE-2023-4693
2023-10-03 18:24:46
fedora
fedora
[SECURITY] Fedora 39 Update: grub2-2.06-120.fc39
2024-04-29 01:55:42
[SECURITY] Fedora 38 Update: grub2-2.06-118.fc38
2024-05-03 01:36:58
[SECURITY] Fedora 40 Update: grub2-2.06-121.fc40
2024-04-23 01:15:56
ubuntu
ubuntu
GRUB2 vulnerabilities
2023-10-04 00:00:00
debian
debian
[SECURITY] [DSA 5519-1] grub2 security update
2023-10-06 19:03:15
[SECURITY] [DLA 3605-1] grub2 security update
2023-10-05 21:45:55
rocky
rocky
grub2 security update
2024-06-14 13:59:16
almalinux
almalinux
Moderate: grub2 security update
2024-05-22 00:00:00
Moderate: grub2 security update
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:2456) Moderate: grub2 security update
2024-04-30 06:15:45
(RHSA-2024:3184) Moderate: grub2 security update
2024-05-22 06:35:52
oraclelinux
oraclelinux
grub2 security update
2024-05-24 00:00:00
grub2 security update
2024-05-03 00:00:00
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2024-03-28 06:52:55
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0130
2023-10-30 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0505
2023-11-04 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0681
2023-11-04 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00