Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU112027
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56738
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
Description
The vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists because the software does not use a constant-time algorithm for grub_crypto_memcmp. An attacker with physical access to the system can perform side-channel attacks to bypass implemented security restrictions and escalate privileges on the system.
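As an added illustration of the defect class (CWE-203), not GRUB's code and not the real grub_crypto_memcmp: an early-exit byte comparison placed beside a constant-time one, with the function names and the secret/guess strings being constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Early-exit comparison of the kind CWE-203 warns about: it stops at the
 * first differing byte, so the work done (and the time taken) reveals how
 * many leading bytes of the guess matched. Illustrative, not GRUB's code. */
int early_exit_compare(const uint8_t *a, const uint8_t *b, size_t n,
                       size_t *bytes_examined)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            *bytes_examined = i + 1;
            return 1;
        }
    }
    *bytes_examined = n;
    return 0;
}

/* Constant-time comparison: every byte is always read and no branch depends
 * on the data, so the work done is identical for every input. Returns 0 if
 * the buffers are equal, 1 otherwise. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    /* Collapse the accumulator to 0 or 1 without a data-dependent branch. */
    return (int)((diff | (uint8_t)(-diff)) >> 7);
}

/* Demo helpers over constructed, hypothetical secret and guess strings of
 * equal length: how many bytes the leaky routine examined, and the
 * constant-time verdict. */
size_t bytes_examined_early_exit(const char *secret, const char *guess)
{
    size_t examined;
    early_exit_compare((const uint8_t *)secret, (const uint8_t *)guess,
                       strlen(secret), &examined);
    return examined;
}

int ct_equal(const char *secret, const char *guess)
{
    return ct_compare((const uint8_t *)secret, (const uint8_t *)guess,
                      strlen(secret));
}
```

The early-exit routine's examined-byte count grows with the length of the matching prefix, which is exactly the observable discrepancy a timing measurement exposes; the constant-time routine does the same work regardless of input.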
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
grub: 1.99 - 2.12
CPE2.3
https://savannah.gnu.org/bugs/?66603
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.