#VU112027 Observable discrepancy in grub - CVE-2024-56738


Vulnerability identifier: #VU112027

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56738

CWE-ID: CWE-203

Exploitation vector: Local

Exploit availability: No

Vulnerable software: grub
Category: Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists because the software does not use a constant-time algorithm for grub_crypto_memcmp: the comparison returns as soon as the first mismatching byte is found, so its running time depends on how much of the secret input matches. An attacker with physical access to the system can perform a timing side-channel attack to bypass implemented security restrictions and escalate privileges on the system.
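To illustrate the weakness class described above (CWE-203, observable discrepancy in a comparison routine), the following is an added example and is not GRUB's own grub_crypto_memcmp code or its fix. It places a generic early-exit comparison beside a constant-time one and instruments both with a "bytes examined" counter as a stand-in for elapsed time; the secret and guesses are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed secret for the demonstration (15 characters + NUL = 16 bytes). */
#define SECRET_LEN 16
static const uint8_t SECRET[SECRET_LEN] = "correct-secret!";

/* Variable-time compare (the weak pattern): returns at the first
   mismatching byte. 'examined' records how many bytes were read, which
   grows with the length of the matching prefix and is what a timing
   side channel observes. */
static int leaky_memcmp(const uint8_t *a, const uint8_t *b, size_t n,
                        size_t *examined) {
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            *examined = i + 1;
            return 1;
        }
    }
    *examined = n;
    return 0;
}

/* Constant-time compare (the hardened pattern): ORs together every byte
   difference and only inspects the accumulator at the end, so the work
   done does not depend on where, or whether, the inputs differ. */
static int ct_memcmp(const uint8_t *a, const uint8_t *b, size_t n,
                     size_t *examined) {
    volatile uint8_t diff = 0;  /* volatile discourages the compiler from short-circuiting */
    for (size_t i = 0; i < n; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    *examined = n;
    return diff != 0;
}

/* Helpers that compare a 16-byte guess against SECRET and report the
   instrumented cost, so the two behaviours can be checked side by side. */
size_t leaky_bytes_examined(const char *guess) {
    size_t examined = 0;
    leaky_memcmp(SECRET, (const uint8_t *)guess, SECRET_LEN, &examined);
    return examined;
}

size_t ct_bytes_examined(const char *guess) {
    size_t examined = 0;
    ct_memcmp(SECRET, (const uint8_t *)guess, SECRET_LEN, &examined);
    return examined;
}

int ct_guess_matches(const char *guess) {
    size_t examined = 0;
    return ct_memcmp(SECRET, (const uint8_t *)guess, SECRET_LEN, &examined) == 0;
}

int main(void) {
    /* Constructed guesses: wrong in byte 0, wrong in byte 4, and correct. */
    const char *guesses[] = {"xorrect-secret!", "corrXct-secret!", "correct-secret!"};
    for (size_t g = 0; g < 3; g++) {
        printf("guess %-18s leaky=%2zu bytes  constant-time=%2zu bytes  match=%d\n",
               guesses[g], leaky_bytes_examined(guesses[g]),
               ct_bytes_examined(guesses[g]), ct_guess_matches(guesses[g]));
    }
    return 0;
}
```

The leaky variant reports 1, 5 and 16 bytes for the three guesses, revealing how far each guess matched; the constant-time variant reports 16 every time while still returning the correct match result. A caveat for anyone porting the hardened pattern: constant-time behaviour is a property of the generated machine code, not just the C source, so an optimising compiler can reintroduce a data-dependent branch; the `volatile` accumulator used here is a common mitigation, and real implementations should be checked at the assembly level or use a vetted library routine.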

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

grub: 1.99 - 2.12


External links
https://savannah.gnu.org/bugs/?66603


Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
