GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
29/07/2020
by Redhat
2 months ago
by Gnu
5 months ago
by Redhat
4 years ago
by Microsoft
16 days ago
by Microsoft
16 days ago
by Microsoft
16 days ago
by Redhat
a month ago
by Debian
a month ago
by Canonical
3 months ago
by Microsoft
6 months ago
by Opensuse
6 months ago
by Microsoft
10 months ago
by Microsoft
10 months ago