grub2 is vulnerable to remote code execution. The vulnerability exists due to an out-of-bounds write in the heap area allowing an attacker to inject maliciously crafted script into the system via a crafted 16-bit grayscale PNG image which allows an attacker to inject malicious codes.