#VU64063 Out-of-bounds write in grub - CVE-2022-28734

Cybersecurity Help s.r.o.

Published: 2022-06-08 | Updated: 2022-07-20

Vulnerability identifier: #VU64063

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-28734

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
grub
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing split HTTP headerst. A remote attacker can send specially crafted traffic to the affected system, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

grub: 1.99 - 2.06

External links
https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for grub2

Multiple vulnerabilities in Oracle Linux

Ubuntu update for grub2-signed

F5 BIG-IP and BIG-IQ Centralized Management update for Grub2

Multiple vulnerabilities in IBM Security Verify Access

Multiple vulnerabilities in Dell VxRail Appliance components

Multiple vulnerabilities in IBM Security Verify Governance

Multiple vulnerabilities in Dell Secure Connect Gateway

Multiple vulnerabilities in Dell Storage Monitoring and Reporting (SMR)

SecurID Authentication Manager update for third-party components