
CVE-2020-15707 – GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.
https://notcve.org/view.php?id=CVE-2020-15707
28 Jul 2020 — Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI ...
• http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html
• CWE-190: Integer Overflow or Wraparound
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2015-8370 – grub2: buffer overflow when checking password entered during bootup
https://notcve.org/view.php?id=CVE-2015-8370
15 Dec 2015 — Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.
• http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
• CWE-191: Integer Underflow (Wrap or Wraparound)
• CWE-264: Permissions, Privileges, and Access Controls
• CWE-787: Out-of-bounds Write