Main Vulnerability Database Exploits ID:8155 - Exploit for Use-after-free in grub - CVE-2020-25632

ID:8155 - Exploit for Use-after-free in grub - CVE-2020-25632

Published: July 20, 2022

Vulnerability identifier: #VU51188

Vulnerability risk: Low

CVE-ID: CVE-2020-25632

CWE-ID: CWE-416

Exploitation vector: Local access

Vulnerable software:
grub

Link to public exploit:

https://github.com/pauljrowland/BootHoleFix

Vulnerability description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to a use-after-free error when handling module unloads. A local privileged user can unload a kernel module, trigger a use-after-free error and bypass Secure Boot protection mechanism.

Remediation

Install updates from vendor's repository.

ID:8155 - Exploit for Use-after-free in grub - CVE-2020-25632

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human