Gnu Project Gnu Grub vulnerabilities

CVE-2022-28734 [HIGH] CWE-787 CVE-2022-28734: Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP c Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead

CVE-2022-28735 [HIGH] CVE-2022-28735: The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot syst The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.

CVE-2022-28736 [HIGH] CWE-416 CVE-2022-28736: There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command i There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation

CVE-2022-28733 [HIGH] CWE-191 CVE-2022-28733: Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way,