Severity
NVD: 8.6 HIGH
GHSA: 5.4
EPSS: 0.1% (top 79.35%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Dec 14
Latest update: May 14

Description

A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can cause an overflow when the max_glyph_size value is calculated, so that a smaller-than-needed buffer is allocated for the glyph; this in turn leads to a buffer overflow and a heap-based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 6.0

Affected Packages (3 packages)

Debian: gnu/grub2 < 2.06-3~deb11u4+3
NVD: gnu/grub2 2.06
CVEListV5: gnu/grub2 (grub2 2.06 and lower)

Also affects: Fedora 37, Enterprise Linux 9.0, 8.2, 8.1

Vulnerability Details (10)

GHSA: GHSA-c8f6-x9xm-x27g: A buffer overflow was found in grub_font_construct_glyph() (2022-12-14)
CVEList: CVE-2022-2601: A buffer overflow was found in grub_font_construct_glyph() (2022-12-14)
OSV: CVE-2022-2601: A buffer overflow was found in grub_font_construct_glyph() (2022-12-14)
GHSA: Cross-site Scripting in Jenkins Validating Email Parameter Plugin (2022-07-01)
GHSA: Cross-site Scripting in Jenkins Hidden Parameter Plugin (2022-06-24)

Vendor Advisories (5)

Oracle: Oracle Communications Risk Matrix: Platform (grub2) — CVE-2022-2601 (2024-10-15)
Microsoft: Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (2024-08-13)
Microsoft: CVE-2022-2601: FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One (2022-12-13)
Red Hat: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (2022-11-15)
Debian: CVE-2022-2601: grub2 - A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted ... (2022)

Threat Intelligence (2)

Bleepingcomputer: Microsoft fixes Linux boot issues on dual-boot Windows systems (2025-05-14)
Bleepingcomputer: Microsoft shares temp fix for Linux boot issues on dual-boot systems (2024-08-23)
CVE-2022-2601 — Heap-based Buffer Overflow in GNU Grub2 | cvebase