csaf_certbund - wid-sec-w-2022-2058

wid-sec-w-2022-2058

Vulnerability from csaf_certbund

Published

2022-11-15 23:00

Modified

2024-07-24 22:00

Summary

Grub2: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Grand Unified Bootloader (Grub) ist ein freies Bootloader-Programm des GNU Projekts.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Grub ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Dateien zu manipulieren oder einen Denial of Service zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Grand Unified Bootloader (Grub) ist ein freies Bootloader-Programm des GNU Projekts.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Grub ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Dateien zu manipulieren oder einen Denial of Service zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-2058 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2058.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-2058 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2058"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2022-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2022:8494"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3190 vom 2022-11-16",
        "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00018.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4143-1 vom 2022-11-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013046.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4142-1 vom 2022-11-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013044.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4141-1 vom 2022-11-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013048.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4144-1 vom 2022-11-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013042.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4140-1 vom 2022-11-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013041.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4219-1 vom 2022-11-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013113.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4218-1 vom 2022-11-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013111.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4302-1 vom 2022-12-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013179.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8800 vom 2022-12-06",
        "url": "https://access.redhat.com/errata/RHSA-2022:8800"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8978 vom 2022-12-13",
        "url": "https://access.redhat.com/errata/RHSA-2022:8978"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:0047 vom 2023-01-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:0047"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:0048 vom 2023-01-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:0048"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:0049 vom 2023-01-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:0049"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-12019 vom 2023-01-12",
        "url": "http://linux.oracle.com/errata/ELSA-2023-12019.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-0049 vom 2023-01-25",
        "url": "http://linux.oracle.com/errata/ELSA-2023-0049.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3312 vom 2023-02-08",
        "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00006.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:0752 vom 2023-02-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:0752"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6965816 vom 2023-03-24",
        "url": "https://www.ibm.com/support/pages/node/6965816"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:1701-1 vom 2023-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014265.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-0752 vom 2023-06-13",
        "url": "https://linux.oracle.com/errata/ELSA-2023-0752.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2023-2146 vom 2023-07-20",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2146.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6355-1 vom 2023-09-08",
        "url": "https://ubuntu.com/security/notices/USN-6355-1"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2023-283 vom 2024-01-23",
        "url": "https://alas.aws.amazon.com/AL2022/ALAS-2023-283.html"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202311-14 vom 2023-11-25",
        "url": "https://security.gentoo.org/glsa/202311-14"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2002 vom 2024-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:2002"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3184 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3184.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:2002 vom 2024-06-06",
        "url": "https://lwn.net/Articles/973019"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7161468 vom 2024-07-24",
        "url": "https://www.ibm.com/support/pages/node/7161468"
      }
    ],
    "source_lang": "en-US",
    "title": "Grub2: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-24T22:00:00.000+00:00",
      "generator": {
        "date": "2024-07-25T08:36:38.580+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2022-2058",
      "initial_release_date": "2022-11-15T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-11-15T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-11-16T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-11-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-11-22T23:00:00.000+00:00",
          "number": "4",
          "summary": "Referenz(en) aufgenommen: FEDORA-2022-3130C677B4, FEDORA-2022-9B03E69561"
        },
        {
          "date": "2022-11-23T23:00:00.000+00:00",
          "number": "5",
          "summary": "Referenz(en) aufgenommen: FEDORA-2022-7CE9378E90, FEDORA-2022-F86E203BAF"
        },
        {
          "date": "2022-11-27T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-12-01T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-12-06T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-13T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-01-09T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-01-12T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-01-25T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-02-08T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2023-02-14T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-03-23T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-03-30T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-06-13T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-07-19T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-09-07T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-11-26T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-01-22T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-04-23T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-05T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von CentOS aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "25"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.5",
                "product": {
                  "name": "IBM Security Guardium 11.5",
                  "product_id": "1411051",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_guardium:11.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Guardium"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.1.14",
                "product": {
                  "name": "IBM Spectrum Protect \u003c10.1.14",
                  "product_id": "T026783",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:10.1.14"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spectrum Protect"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2",
                "product": {
                  "name": "Open Source Grub 2",
                  "product_id": "T015539",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gnu:grub:2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Grub"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-2601",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Grub2. Ein Puffer\u00fcberlauf in \"grub_font_construct_glyph()\" kann zu einem Out-of-Bound-Schreiben und einer m\u00f6glichen Umgehung des Secure Boot f\u00fchren. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen"
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T015539",
          "67646",
          "T000126",
          "398363",
          "T012167",
          "1727",
          "T004914",
          "T026783",
          "1411051"
        ]
      },
      "release_date": "2022-11-15T23:00:00Z",
      "title": "CVE-2022-2601"
    },
    {
      "cve": "CVE-2022-3775",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Grub. Beim Rendern bestimmter Unicode-Sequenzen werden die Schriftbreite und -h\u00f6he nicht richtig validiert. Diese Werte werden weiter verwendet, um auf den Schriftpuffer zuzugreifen, was zu Out-of-Bounds-Writes f\u00fchren kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Dateien zu manipulieren oder einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T015539",
          "67646",
          "T000126",
          "398363",
          "T012167",
          "1727",
          "T004914",
          "T026783",
          "1411051"
        ]
      },
      "release_date": "2022-11-15T23:00:00Z",
      "title": "CVE-2022-3775"
    }
  ]
}

cve-2022-3775

Vulnerability from cvelistv5

Published

2022-12-19 00:00

Modified

2024-08-03 01:20

Severity

Summary

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.

References

URL	Tags
https://access.redhat.com/security/cve/cve-2022-3775
https://security.gentoo.org/glsa/202311-14	vendor-advisory

Impacted products

Vendor	Product
n/a	grub2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:20:57.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2022-3775"
          },
          {
            "name": "GLSA-202311-14",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "grub2",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All up to 2.06"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When rendering certain unicode sequences, grub2\u0027s font code doesn\u0027t proper validate if the informed glyph\u0027s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2\u0027s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-25T12:06:19.532925",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://access.redhat.com/security/cve/cve-2022-3775"
        },
        {
          "name": "GLSA-202311-14",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202311-14"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-3775",
    "datePublished": "2022-12-19T00:00:00",
    "dateReserved": "2022-10-31T00:00:00",
    "dateUpdated": "2024-08-03T01:20:57.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-2601

Vulnerability from cvelistv5

Published

2022-12-14 00:00

Modified

2024-08-22 01:13

Severity

Summary

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.

References

URL	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0
https://security.netapp.com/advisory/ntap-20230203-0004/
https://security.gentoo.org/glsa/202311-14	vendor-advisory

Impacted products

Vendor	Product
n/a	grub2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-22T01:13:28.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://arstechnica.com/security/2024/08/a-patch-microsoft-spent-2-years-preparing-is-making-a-mess-for-some-linux-users/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230203-0004/"
          },
          {
            "name": "GLSA-202311-14",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-14"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "grub2",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "grub2 2.06 and lower"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-25T12:06:24.538109",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230203-0004/"
        },
        {
          "name": "GLSA-202311-14",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202311-14"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-2601",
    "datePublished": "2022-12-14T00:00:00",
    "dateReserved": "2022-08-01T00:00:00",
    "dateUpdated": "2024-08-22T01:13:28.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

wid-sec-w-2022-2058

Vulnerability from csaf_certbund

cve-2022-3775

Vulnerability from cvelistv5

cve-2022-2601

Vulnerability from cvelistv5

Tags