CVE-2020-14308 in Ubuntu

CVE-2020-14308

Priority

Description

In grub2 versions before 2.06 the grub memory allocator doesn't check for
possible arithmetic overflows on the requested allocation size. This leads
the function to return invalid memory allocations which can be further used
to cause possible integrity, confidentiality and availability impacts
during the boot process.

Ubuntu-Description

It was discovered that the memory allocator for GRUB2 did not validate
allocation size, resulting in multiple integer overflows and heap-based
buffer overflows when handling certain filesystems, PNG images or disk
metadata. A local attacker could use this to execute arbitrary code and
bypass UEFI Secure Boot restrictions.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass
https://www.openwall.com/lists/oss-security/2020/07/29/3
https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
https://ubuntu.com/security/notices/USN-4432-1

Notes

amurray

grub2-signed is not supported in Ubuntu 12.04 ESM (precise/esm) and so marking the priority for grub2 in this release as low

Package

Source: grub2 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	released (2.02-2ubuntu8.16)
Ubuntu 20.04 LTS:	released (2.04-1ubuntu26.1)
Ubuntu 16.04 ESM:	released (2.02~beta2-36ubuntu3.26)
Ubuntu 14.04 ESM:	released (2.02~beta2-9ubuntu1.20)

Patches:

Package

Source: grub2-signed (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	released (1.93.18)
Ubuntu 20.04 LTS:	released (1.142.3)
Ubuntu 16.04 ESM:	released (1.66.26)
Ubuntu 14.04 ESM:	released (1.34.22)

Patches:

More Information

Updated: 2022-04-13 14:09:02 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)