#VU81628 Out-of-bounds read in grub


Published: 2023-10-05

Vulnerability identifier: #VU81628

Vulnerability risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4693

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
grub
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the NTFS driver in grub-core/fs/ntfs.c when reading data from the resident $DATA attribute. A attacker with physical access to the system use a specially crafted NTFS file system image to read arbitrary memory locations, such as data cached in memory or EFI variables values.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

grub: 1.99 - 2.06

External links
http://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in OpenShift Service Mesh 2.5
Multiple vulnerabilities in Dell Enterprise SONiC Distribution
Red Hat Enterprise Linux 8 update for grub2
Red Hat Enterprise Linux 9 update for grub2
Fedora 38 update for grub2
Fedora 39 update for grub2
Fedora 40 update for grub2
Dell EMC NetWorker vProxy update for third-party components
Gentoo update for GRUB
SUSE update for grub2