Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-4693

Publication date 3 October 2023

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

4.6 · Medium

Score breakdown

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.

From the Ubuntu Security Team

It was discovered that a specially crafted file system image could cause an out-of-bounds read. A local attacker could possibly use this to leak sensitive information to the GRUB pager.

Read the notes from the security team

Status

Package Ubuntu Release Status
grub2 24.04 LTS noble
Not affected
23.10 mantic
Not affected
23.04 lunar Ignored
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected
grub2-signed 24.04 LTS noble
Fixed 1.199
23.10 mantic
Fixed 1.197
23.04 lunar
Fixed 1.193.2
22.04 LTS jammy
Fixed 1.187.6
20.04 LTS focal
Fixed 1.187.6~20.04.1
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty Ignored
grub2-unsigned 24.04 LTS noble
Not affected
23.10 mantic
Not affected
23.04 lunar
Fixed 2.06-2ubuntu17.2
22.04 LTS jammy
Fixed 2.06-2ubuntu14.4
20.04 LTS focal
Fixed 2.06-2ubuntu14.4
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty Ignored

Notes

eslerm

grub2-unsigned contains Secure Boot security fixes the grub2 package unlikely affects Ubuntu's Secure Boot grub2 and grub2-unsigned should have same major version

eslerm

Ubuntu Secure Boot and ESM do not cover i386 trusty's GA kernel cannot handle new versions of grub Note that key revocation is required to protect against evil housekeeper attacks (such as BlackLotus)

eslerm

CWE-125

Severity score breakdown

Parameter Value
Base score 4.6 · Medium
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N