GNU GRUB - CVE CyberSecurity Database News

Jul 20, 2023 Exploit GNU Project GNU GRUB

CVE-2022-28733: Integer Underflow Vulnerability in grub_net_recv_ip4_packets Function - Exploit and Mitigation Details

In this long-read post, we explore the details of a recently discovered vulnerability – CVE-2022-28733 – which could impact the security and integrity of systems relying on

Jul 20, 2023 Exploit GNU Project GNU GRUB

CVE-2022-28734 - Exploiting Grub2's Out-of-bounds Write Vulnerability When Handling Split HTTP Headers

A recent security vulnerability, designated as CVE-2022-28734, has been discovered within the GRUB2 bootloader, the popular open-source bootloader used widely in Linux and other Unix-like

Jul 20, 2023 Exploit GNU Project GNU GRUB

CVE-2022-28735: How GRUB2's Shim_lock Verifier Allows Non-Kernel Files to Be Loaded on Shim-Powered Secure Boot Systems and Breaks the Trust-Chain

Today, we are going to discuss CVE-2022-28735, which is a critical vulnerability affecting the GNU GRand Unified Bootloader version 2 (GRUB2), more specifically the shim_

Jul 20, 2023 GNU Project GNU GRUB

CVE-2022-28736 – A Critical Use-After-Free Vulnerability in Grub_cmd_chainloader() Function and Exploit Details

CVE-2022-28736 refers to a critical use-after-free vulnerability discovered in the grub_cmd_chainloader() function, commonly used for loading operating systems that don't support