all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6355-1: GRUB2 vulnerabilities

Add to bookmarks
Sept. 8, 2023, midnight |

Ubuntu security notices ubuntu.com

Daniel Axtens discovered that specially crafted images could cause a
heap-based out-of-bonds write. A local attacker could possibly use
this to circumvent secure boot protections. (CVE-2021-3695)

Daniel Axtens discovered that specially crafted images could cause
out-of-bonds read and write. A local attacker could possibly use this
to circumvent secure boot protections. (CVE-2021-3696)

Daniel Axtens discovered that specially crafted images could cause
buffer underwrite which allows arbitrary data to be written to a heap.
A local attacker could possibly use this …

attacker boot cve daniel grub2 images local secure boot usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6804-1: GNU C Library vulnerabilities 1 day, 16 hours ago | ubuntu.com
attacker buffer buffer overflow cache +17
USN-6803-1: FFmpeg vulnerabilities 2 days, 14 hours ago | ubuntu.com
arbitrary code arbitrary code execution attacker code +15
USN-6802-1: PostgreSQL vulnerability 2 days, 18 hours ago | ubuntu.com
authorization can commands current +9
USN-6801-1: PyMySQL vulnerability 2 days, 18 hours ago | ubuntu.com
attacker attacks injection injection attacks +8
USN-6800-1: browserify-sign vulnerability 2 days, 19 hours ago | ubuntu.com
attack attacker automated check +10
USN-6799-1: Werkzeug vulnerability 3 days, 14 hours ago | ubuntu.com
attacker code debugger host +6
USN-6798-1: GStreamer Base Plugins vulnerability 3 days, 15 hours ago | ubuntu.com
arbitrary code attacker base code +7
USN-6796-1: TPM2 Software Stack vulnerabilities 3 days, 16 hours ago | ubuntu.com
arbitrary code arrays attacker code +10
USN-6797-1: Intel Microcode vulnerabilities 3 days, 22 hours ago | ubuntu.com
access features hardware intel +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com