PublicDateAtUSN: 2021-03-02 18:00:00 UTC Candidate: CVE-2021-20225 CRD: 2021-03-02 18:00:00 UTC PublicDate: 2021-03-03 17:15:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225 https://ubuntu.com/security/notices/USN-4992-1 Description: A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Ubuntu-Description: It was discovered that the option parser in GRUB 2 contained a heap overflow vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. Notes: sbeattie| grub2-unsigned will contain fixes and supersede grub2, which will contain only BIOS grub bits. Mitigation: Bugs: Priority: medium Discovered-by: Assigned-to: CVSS: nvd: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H [6.7 MEDIUM] Patches_grub2-unsigned: upstream_grub2-unsigned: needs-triage precise/esm_grub2-unsigned: ignored (end of ESM support, was needs-triage) trusty_grub2-unsigned: ignored (out of standard support) trusty/esm_grub2-unsigned: needs-triage xenial_grub2-unsigned: pending (2.04-1ubuntu42) esm-infra/xenial_grub2-unsigned: pending (2.04-1ubuntu42) bionic_grub2-unsigned: released (2.04-1ubuntu44.1.2) focal_grub2-unsigned: released (2.04-1ubuntu44.2) groovy_grub2-unsigned: released (2.04-1ubuntu44.2) hirsute_grub2-unsigned: released (2.04-1ubuntu42) impish_grub2-unsigned: released (2.04-1ubuntu45) jammy_grub2-unsigned: released (2.04-1ubuntu45) devel_grub2-unsigned: released (2.04-1ubuntu45) Patches_grub2-signed: upstream_grub2-signed: needs-triage precise/esm_grub2-signed: DNE trusty_grub2-signed: ignored (out of standard support) trusty/esm_grub2-signed: needs-triage xenial_grub2-signed: ignored (end of standard support, was needs-triage) esm-infra/xenial_grub2-signed: pending (1.164) bionic_grub2-signed: released (1.167~18.04.5) focal_grub2-signed: released (1.167.2) groovy_grub2-signed: released (1.167.2) hirsute_grub2-signed: released (1.164) impish_grub2-signed: released (1.169) jammy_grub2-signed: released (1.169) devel_grub2-signed: released (1.169)