CVE-2020-10713 in Ubuntu

CVE-2020-10713

Priority

Description

A flaw was found in grub2, prior to version 2.06. An attacker may use the
GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw
also allows the bypass of Secure Boot protections. In order to load an
untrusted or modified kernel, an attacker would first need to establish
access to the system such as gaining physical access, obtain the ability to
alter a pxe-boot network, or have remote access to a networked system with
root access. With this access, an attacker could then craft a string to
cause a buffer overflow by injecting a malicious payload that leads to
arbitrary code execution within GRUB. The highest threat from this
vulnerability is to data confidentiality and integrity as well as system
availability.

Ubuntu-Description

Jesse Michael and Mickey Shkatov discovered that the configuration
parser in GRUB2 did not properly exit when errors were discovered,
resulting in heap-based buffer overflows. A local attacker could
use this to execute arbitrary code and bypass UEFI Secure Boot
restrictions.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass
https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
https://www.openwall.com/lists/oss-security/2020/07/29/3
https://ubuntu.com/security/notices/USN-4432-1

Notes

amurray

grub2-signed is not supported in Ubuntu 12.04 ESM (precise/esm) and so marking the priority for grub2 in this release as low

Package

Source: grub2 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	released (2.02~beta2-9ubuntu1.20)
Ubuntu 16.06 ESM (Xenial Xerus):	released (2.02~beta2-36ubuntu3.26)
Ubuntu 18.04 LTS (Bionic Beaver):	released (2.02-2ubuntu8.16)
Ubuntu 20.04 LTS (Focal Fossa):	released (2.04-1ubuntu26.1)
Ubuntu 20.10 (Groovy Gorilla):	not-affected (2.04-1ubuntu26.1)
Ubuntu 21.04 (Hirsute Hippo):	not-affected (2.04-1ubuntu26.1)
Ubuntu 21.10 (Impish Indri):	not-affected (2.04-1ubuntu26.1)

Package

Source: grub2-signed (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	released (1.34.22)
Ubuntu 16.06 ESM (Xenial Xerus):	released (1.66.26)
Ubuntu 18.04 LTS (Bionic Beaver):	released (1.93.18)
Ubuntu 20.04 LTS (Focal Fossa):	released (1.142.3)
Ubuntu 20.10 (Groovy Gorilla):	not-affected (1.147)
Ubuntu 21.04 (Hirsute Hippo):	not-affected (1.147)
Ubuntu 21.10 (Impish Indri):	not-affected (1.147)

More Information

Updated: 2021-06-05 04:42:10 UTC (commit 9f1442d151c4b1764735c64061fe3a60c369dce8)