CVE-2021-20225
Publication date 2 March 2021
Last updated 24 July 2024
Ubuntu priority
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
From the Ubuntu Security Team
It was discovered that the option parser in GRUB 2 contained a heap overflow vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| grub2 | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| grub2-signed | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Fixed 1.167.2
|
|
| 18.04 LTS bionic |
Fixed 1.167~18.04.5
|
|
| 16.04 LTS xenial |
Fixed 1.164
|
|
| 14.04 LTS trusty |
Vulnerable
|
|
| grub2-unsigned | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Fixed 2.04-1ubuntu44.2
|
|
| 18.04 LTS bionic |
Fixed 2.04-1ubuntu44.1.2
|
|
| 16.04 LTS xenial |
Fixed 2.04-1ubuntu42
|
|
| 14.04 LTS trusty | Not in release |
Notes
sbeattie
grub2-unsigned will contain fixes and supersede grub2, which will contain only BIOS grub bits.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
6.7 · Medium
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | High |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-4992-1
- GRUB 2 vulnerabilities
- 18 June 2021