Search criteria
3 vulnerabilities found for fedora_coreos by redhat
FKIE_CVE-2022-3675
Vulnerability from fkie_nvd - Published: 2022-11-03 18:15 - Updated: 2024-11-21 07:20
Severity ?
2.6 (Low) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Fedora CoreOS supports setting a GRUB bootloader password
using a Butane config. When this feature is enabled, GRUB requires a password to access the
GRUB command-line, modify kernel command-line arguments, or boot
non-default OSTree deployments. Recent Fedora CoreOS releases have a
misconfiguration which allows booting non-default OSTree deployments
without entering a password. This allows someone with access to the
GRUB menu to boot into an older version of Fedora CoreOS, reverting
any security fixes that have recently been applied to the machine. A
password is still required to modify kernel command-line arguments and
to access the GRUB command line.
References
| URL | Tags | ||
|---|---|---|---|
| patrick@puiterwijk.org | https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/ | Vendor Advisory | |
| patrick@puiterwijk.org | https://github.com/coreos/fedora-coreos-tracker/issues/1333 | Issue Tracking, Third Party Advisory | |
| patrick@puiterwijk.org | https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/ | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/coreos/fedora-coreos-tracker/issues/1333 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/ | Mailing List, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_coreos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:fedora_coreos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E39CD0D4-960C-48F7-BD25-1362B062C27B",
"versionEndExcluding": "37.20221031.1.0",
"versionStartIncluding": "36.20220820.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fedora CoreOS supports setting a GRUB bootloader password\nusing a Butane config. When this feature is enabled, GRUB requires a password to access the\nGRUB command-line, modify kernel command-line arguments, or boot\nnon-default OSTree deployments. Recent Fedora CoreOS releases have a\nmisconfiguration which allows booting non-default OSTree deployments\nwithout entering a password. This allows someone with access to the\nGRUB menu to boot into an older version of Fedora CoreOS, reverting\nany security fixes that have recently been applied to the machine. A\npassword is still required to modify kernel command-line arguments and\nto access the GRUB command line.\n\n\n\n"
},
{
"lang": "es",
"value": "Fedora CoreOS admite la configuraci\u00f3n de una contrase\u00f1a del cargador de arranque GRUB usando una configuraci\u00f3n de Butane. Cuando esta caracter\u00edstica est\u00e1 habilitada, GRUB requiere una contrase\u00f1a para acceder a la l\u00ednea de comandos de GRUB, modificar los argumentos de la l\u00ednea de comandos del kernel o iniciar implementaciones de OSTree no predeterminadas. Las versiones recientes de Fedora CoreOS tienen una configuraci\u00f3n incorrecta que permite iniciar implementaciones OSTree no predeterminadas sin ingresar una contrase\u00f1a. Esto permite que alguien con acceso al men\u00fa de GRUB inicie una versi\u00f3n anterior de Fedora CoreOS, revirtiendo cualquier correcci\u00f3n de seguridad que se haya aplicado recientemente a la m\u00e1quina. A\u00fan se requiere una contrase\u00f1a para modificar los argumentos de la l\u00ednea de comandos del kernel y acceder a la l\u00ednea de comandos de GRUB."
}
],
"id": "CVE-2022-3675",
"lastModified": "2024-11-21T07:20:00.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"source": "patrick@puiterwijk.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-03T18:15:14.627",
"references": [
{
"source": "patrick@puiterwijk.org",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
},
{
"source": "patrick@puiterwijk.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"source": "patrick@puiterwijk.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
}
],
"sourceIdentifier": "patrick@puiterwijk.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "patrick@puiterwijk.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-3675 (GCVE-0-2022-3675)
Vulnerability from cvelistv5 – Published: 2022-11-03 17:25 – Updated: 2025-05-02 18:53
VLAI?
Summary
Fedora CoreOS supports setting a GRUB bootloader password
using a Butane config. When this feature is enabled, GRUB requires a password to access the
GRUB command-line, modify kernel command-line arguments, or boot
non-default OSTree deployments. Recent Fedora CoreOS releases have a
misconfiguration which allows booting non-default OSTree deployments
without entering a password. This allows someone with access to the
GRUB menu to boot into an older version of Fedora CoreOS, reverting
any security fixes that have recently been applied to the machine. A
password is still required to modify kernel command-line arguments and
to access the GRUB command line.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fedora Project | CoreOS |
Affected:
testing 36.20220906.2.0 and later , < testing 36.20221030.2.0
(fix)
Affected: next 36.20220906.1.0 and later , < next 37.20221031.1.0 (fix) Affected: stable 36.20220820.3.0 and later , < stable 36.20221014.3.0 (fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:03.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-02T18:53:02.484531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T18:53:10.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "coreos-assembler",
"product": "CoreOS",
"vendor": "Fedora Project",
"versions": [
{
"lessThan": "testing 36.20221030.2.0 ",
"status": "affected",
"version": "testing 36.20220906.2.0 and later",
"versionType": "fix"
},
{
"lessThan": "next 37.20221031.1.0",
"status": "affected",
"version": "next 36.20220906.1.0 and later",
"versionType": "fix"
},
{
"lessThan": "stable 36.20221014.3.0",
"status": "affected",
"version": "stable 36.20220820.3.0 and later",
"versionType": "fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eFedora CoreOS supports setting a GRUB bootloader password\nusing a Butane config. When this feature is enabled, GRUB requires a password to access the\nGRUB command-line, modify kernel command-line arguments, or boot\nnon-default OSTree deployments. Recent Fedora CoreOS releases have a\nmisconfiguration which allows booting non-default OSTree deployments\nwithout entering a password. This allows someone with access to the\nGRUB menu to boot into an older version of Fedora CoreOS, reverting\nany security fixes that have recently been applied to the machine. A\npassword is still required to modify kernel command-line arguments and\nto access the GRUB command line.\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Fedora CoreOS supports setting a GRUB bootloader password\nusing a Butane config. When this feature is enabled, GRUB requires a password to access the\nGRUB command-line, modify kernel command-line arguments, or boot\nnon-default OSTree deployments. Recent Fedora CoreOS releases have a\nmisconfiguration which allows booting non-default OSTree deployments\nwithout entering a password. This allows someone with access to the\nGRUB menu to boot into an older version of Fedora CoreOS, reverting\nany security fixes that have recently been applied to the machine. A\npassword is still required to modify kernel command-line arguments and\nto access the GRUB command line.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-03T17:49:43.071Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"tags": [
"release-notes"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
},
{
"tags": [
"related"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2022-3675",
"datePublished": "2022-11-03T17:25:02.823Z",
"dateReserved": "2022-10-24T06:40:10.332Z",
"dateUpdated": "2025-05-02T18:53:10.153Z",
"requesterUserId": "f3a2da25-33ae-4444-b293-a5bd0f5d6b21",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3675 (GCVE-0-2022-3675)
Vulnerability from nvd – Published: 2022-11-03 17:25 – Updated: 2025-05-02 18:53
VLAI?
Summary
Fedora CoreOS supports setting a GRUB bootloader password
using a Butane config. When this feature is enabled, GRUB requires a password to access the
GRUB command-line, modify kernel command-line arguments, or boot
non-default OSTree deployments. Recent Fedora CoreOS releases have a
misconfiguration which allows booting non-default OSTree deployments
without entering a password. This allows someone with access to the
GRUB menu to boot into an older version of Fedora CoreOS, reverting
any security fixes that have recently been applied to the machine. A
password is still required to modify kernel command-line arguments and
to access the GRUB command line.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fedora Project | CoreOS |
Affected:
testing 36.20220906.2.0 and later , < testing 36.20221030.2.0
(fix)
Affected: next 36.20220906.1.0 and later , < next 37.20221031.1.0 (fix) Affected: stable 36.20220820.3.0 and later , < stable 36.20221014.3.0 (fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:03.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-02T18:53:02.484531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T18:53:10.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "coreos-assembler",
"product": "CoreOS",
"vendor": "Fedora Project",
"versions": [
{
"lessThan": "testing 36.20221030.2.0 ",
"status": "affected",
"version": "testing 36.20220906.2.0 and later",
"versionType": "fix"
},
{
"lessThan": "next 37.20221031.1.0",
"status": "affected",
"version": "next 36.20220906.1.0 and later",
"versionType": "fix"
},
{
"lessThan": "stable 36.20221014.3.0",
"status": "affected",
"version": "stable 36.20220820.3.0 and later",
"versionType": "fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eFedora CoreOS supports setting a GRUB bootloader password\nusing a Butane config. When this feature is enabled, GRUB requires a password to access the\nGRUB command-line, modify kernel command-line arguments, or boot\nnon-default OSTree deployments. Recent Fedora CoreOS releases have a\nmisconfiguration which allows booting non-default OSTree deployments\nwithout entering a password. This allows someone with access to the\nGRUB menu to boot into an older version of Fedora CoreOS, reverting\nany security fixes that have recently been applied to the machine. A\npassword is still required to modify kernel command-line arguments and\nto access the GRUB command line.\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Fedora CoreOS supports setting a GRUB bootloader password\nusing a Butane config. When this feature is enabled, GRUB requires a password to access the\nGRUB command-line, modify kernel command-line arguments, or boot\nnon-default OSTree deployments. Recent Fedora CoreOS releases have a\nmisconfiguration which allows booting non-default OSTree deployments\nwithout entering a password. This allows someone with access to the\nGRUB menu to boot into an older version of Fedora CoreOS, reverting\nany security fixes that have recently been applied to the machine. A\npassword is still required to modify kernel command-line arguments and\nto access the GRUB command line.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-03T17:49:43.071Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/1333"
},
{
"tags": [
"release-notes"
],
"url": "https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/NHUCNH5Y4UH5DPUCXISYXXVA563TLFEJ/"
},
{
"tags": [
"related"
],
"url": "https://docs.fedoraproject.org/en-US/fedora-coreos/grub-password/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2022-3675",
"datePublished": "2022-11-03T17:25:02.823Z",
"dateReserved": "2022-10-24T06:40:10.332Z",
"dateUpdated": "2025-05-02T18:53:10.153Z",
"requesterUserId": "f3a2da25-33ae-4444-b293-a5bd0f5d6b21",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}