CVE-2020-15706

EPSS 0.06%
Published 29.07.2020 18:15:14
Last modified 21.11.2024 05:06:03
Source security@ubuntu.com
Teams watchlist Login
Open Login

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

Affected products Warnungen 0 Metrics 4 CWE 2 References 20

Data is provided by the National Vulnerability Database (NVD)

Gnu ≫ Grub2 Version <= 2.04

Redhat ≫ Enterprise Linux Atomic Host Version-

Redhat ≫ Openshift Container Platform Version4.0

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Debian ≫ Debian Linux Version10.0

Redhat ≫ Enterprise Linux Version7.0

Redhat ≫ Enterprise Linux Version8.0

Suse ≫ Suse Linux Enterprise Server Version11

Suse ≫ Suse Linux Enterprise Server Version12

Suse ≫ Suse Linux Enterprise Server Version15

Microsoft ≫ Windows 10 Version-

Microsoft ≫ Windows 10 Version1607

Microsoft ≫ Windows 10 Version1709

Microsoft ≫ Windows 10 Version1803

Microsoft ≫ Windows 10 Version1809

Microsoft ≫ Windows 10 Version1903

Microsoft ≫ Windows 10 Version1909

Microsoft ≫ Windows 10 Version2004

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version-

Microsoft ≫ Windows Server 2016 Version1903

Microsoft ≫ Windows Server 2016 Version1909

Microsoft ≫ Windows Server 2016 Version2004

Microsoft ≫ Windows Server 2019 Version-

Opensuse ≫ Leap Version15.1

Opensuse ≫ Leap Version15.2

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.191

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	0.5	5.9	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P
security@ubuntu.com	6.4	0.5	5.9	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://www.openwall.com/lists/oss-security/2020/07/29/3

Third Party Advisory

Mailing List

http://ubuntu.com/security/notices/USN-4432-1

Third Party Advisory

https://access.redhat.com/security/vulnerabilities/grub2bootloader

Third Party Advisory

https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

Vendor Advisory

Issue Tracking

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011

Patch