Description
GRUB2 contains a race condition in grub_script_function_create() leading to
a use-after-free vulnerability which can be triggered by redefining a
function whilst the same function is already executing, leading to
arbitrary code execution and secure boot restriction bypass. This issue
affects GRUB2 version 2.04 and prior versions.
Ubuntu-Description
Chris Coulson discovered that the GRUB2 function handling code did not
properly handle a function being redefined, leading to a use-after-free
vulnerability. A local attacker could use this to execute arbitrary code
and bypass UEFI Secure Boot restrictions.
Notes
amurray | grub2-signed is not supported in Ubuntu 12.04 ESM (precise/esm) and so marking the priority for grub2 in this release as low |
sbeattie | 809f3a268 script: Avoid a use-after-free when redefining a function during execution |
Updated: 2020-10-24 07:03:38 UTC (commit 69e225d81a6ee3e2e014950178db797c5d4e5009)