GRUB Multiple Vulnerabilities
Last Update Date:
31 Jul 2020
Release Date:
30 Jul 2020
4763
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in GRUB, a remote user could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Microsoft Windows 8
- Microsoft Windows 10
- Microsoft Windows Server
- Red Hat Liunx
- Ubuntu Liunx
- Debian Liunx
- Suse Liunx
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
For detail, please refer to the "Related Links" section.
Vulnerability Identifier
- CVE-2020-7205
- CVE-2020-10713
- CVE-2020-14308
- CVE-2020-14309
- CVE-2020-14310
- CVE-2020-14311
- CVE-2020-15705
- CVE-2020-15706
- CVE-2020-15707
Source
Related Link
- https://www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200011
- https://www.auscert.org.au/bulletins/ASB-2020.0135/
- https://access.redhat.com/errata/RHSA-2020:3216
- https://access.redhat.com/errata/RHSA-2020:3217
- https://access.redhat.com/errata/RHSA-2020:3223
- https://access.redhat.com/errata/RHSA-2020:3227
- https://www.auscert.org.au/bulletins/ESB-2020.2591/
- https://ubuntu.com/security/notices/USN-4432-1
- https://www.auscert.org.au/bulletins/ESB-2020.2590/
- https://www.debian.org/security/2020/dsa-4735
- https://www.auscert.org.au/bulletins/ESB-2020.2589/
- https://www.suse.com/support/kb/doc/?id=000019673
Share with