CVE-2008-3896 (retired)

Priority
Description
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in
the BIOS Keyboard buffer and does not clear this buffer before and after
use, which allows local users to obtain sensitive information by reading
the physical memory locations associated with this buffer.
Notes
 jdstrand> requires root access to the machine, which gives access to do
  anything anyway (unless restricting root access via SELinux, which Ubuntu
  does not)
 mdeslaur> let's ignore this
Package
Source: grub (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:13:07 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)