SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 6.4		CVSS Score : 4.4
Exploit Score: 0.5		Exploit Score: 3.4
Impact Score: 5.9		Impact Score: 6.4

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: LOCAL		Access Vector: LOCAL
Attack Complexity: HIGH		Access Complexity: MEDIUM
Privileges Required: HIGH		Authentication: NONE
User Interaction: NONE		Confidentiality: PARTIAL
Scope: UNCHANGED		Integrity: PARTIAL
Confidentiality: HIGH		Availability: PARTIAL
Integrity: HIGH
Availability: HIGH

Reference:

DSA-4735

GLSA-202104-05

USN-4432-1

http://www.openwall.com/lists/oss-security/2020/07/29/3

http://ubuntu.com/security/notices/USN-4432-1

https://access.redhat.com/security/vulnerabilities/grub2bootloader

https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011

https://security.netapp.com/advisory/ntap-20200731-0008/

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass

https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot

https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

https://www.openwall.com/lists/oss-security/2020/07/29/3

https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/

https://www.suse.com/support/kb/doc/?id=000019673

openSUSE-SU-2020:1168

openSUSE-SU-2020:1169


30479



423868



248364



909



195388



282