Lucene search
Veracode Vulnerability DatabaseVERACODE:29548HistoryMar 03, 2021 - 3:42 a.m.
Arbitrary Code Execution
2021-03-0303:42:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.0004 Low
EPSS
Percentile
14.3%
grub is vulnerable to arbitrary code execution. The ACPI command is incorrectly enabled when Secure Boot is enabled, allowing an attacker to craft a malicious SSDT that overwrites the memory containing the kernel lockdown variable content, resulting in arbitrary code execution.
References
access.redhat.com/security/vulnerabilities/RHSB-2021-003
bugzilla.redhat.com/show_bug.cgi?id=1873150
lists.fedoraproject.org/archives/list/[email protected]/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/
security-tracker.debian.org/tracker/CVE-2020-14372
security.gentoo.org/glsa/202104-05
security.netapp.com/advisory/ntap-20210416-0004/
Related
redhatcve
redhatcve
CVE-2020-14372
2021-03-02 18:03:04
prion
prion
Design/Logic Flaw
2021-03-03 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-14372 affecting package grub2 2.06~rc1-10
2021-05-06 23:56:52
CVE-2020-14372 affecting package grub2 for versions less than 2.06~rc1-7
2022-04-26 20:17:11
nvd
nvd
CVE-2020-14372
2021-03-03 17:15:11
osv
osv
CVE-2020-14372
2021-03-03 17:15:11
grub2-signed, grub2-unsigned vulnerabilities
2021-06-18 03:57:46
grub2 - security update
2021-03-02 00:00:00
alpinelinux
alpinelinux
CVE-2020-14372
2021-03-03 17:15:11
debiancve
debiancve
CVE-2020-14372
2021-03-03 17:15:11
githubexploit
githubexploit
Exploit for Incomplete List of Disallowed Inputs in Gnu Grub2
2021-04-19 23:36:25
ubuntucve
ubuntucve
CVE-2020-14372
2021-03-02 00:00:00
cvelist
cvelist
CVE-2020-14372
2021-03-03 16:40:36
cve
cve
CVE-2020-14372
2021-03-03 17:15:11
nessus
nessus
EulerOS 2.0 SP5 : grub2 (EulerOS-SA-2021-2218)
2021-07-16 00:00:00
RHEL 8 : fwupdate (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : grub2 (Unpatched Vulnerability)
2024-05-11 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2021-2218)
2021-07-19 00:00:00
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2021-2082)
2021-07-07 00:00:00
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2021-2868)
2021-12-31 00:00:00
ubuntu
ubuntu
GRUB 2 vulnerabilities
2021-06-18 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: grub2-2.06~rc1-2.fc34
2021-03-26 00:18:32
[SECURITY] Fedora 34 Update: efi-rpm-macros-5-2.fc34
2021-04-23 21:04:07
[SECURITY] Fedora 33 Update: grub2-2.06~rc1-1.fc33
2021-04-10 23:06:25
oraclelinux
oraclelinux
grub2 security update
2021-03-05 00:00:00
grub2 security update
2021-03-02 00:00:00
grub2 security update
2021-03-02 00:00:00
redhat
redhat
(RHSA-2021:2566) Moderate: fwupd security update
2021-06-29 13:41:47
(RHSA-2021:0703) Moderate: grub2 security update
2021-03-02 18:59:01
(RHSA-2021:0702) Moderate: grub2 security update
2021-03-02 18:58:40
suse
suse
Security update for grub2 (important)
2021-03-22 00:00:00
rocky
rocky
shim security update
2021-05-18 05:57:10
fwupd security update
2021-06-29 13:41:47
almalinux
almalinux
Moderate: shim security update
2021-05-18 05:57:10
Moderate: grub2 security update
2021-03-02 18:54:21
Moderate: fwupd security update
2021-06-29 13:41:47
archlinux
archlinux
[ASA-202106-43] grub: multiple issues
2021-06-15 00:00:00
debian
debian
[SECURITY] [DSA 4867-1] grub2 security update
2021-03-02 18:11:33
[SECURITY] [DSA 4867-1] grub2 security update
2021-03-02 18:11:33
amazon
amazon
Medium: grub2
2021-07-14 20:30:00
Medium: grub2
2021-07-14 20:30:00
ibm
ibm
photon
photon
rosalinux
rosalinux
Advisory ROSA-SA-2021-1849
2021-07-02 17:01:29
Advisory ROSA-SA-2023-2300
2023-12-05 10:31:19
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2021-07-09 01:43:19
gentoo
gentoo
GRUB: Multiple vulnerabilities
2021-04-30 00:00:00
hp
hp
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
2020-07-25 00:00:00
redos
redos
ROS-20220920-01
2022-09-20 00:00:00
mscve
mscve
Microsoft Guidance for Addressing Security Feature Bypass in GRUB
2020-07-29 07:00:00
ics
ics
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00