#VU51194 Improper Authorization in grub


Published: 2021-03-03

Vulnerability identifier: #VU51194

Vulnerability risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-27779

CWE-ID: CWE-285

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
grub
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows a local user to bypass authorization checks.

The vulnerability exists within the cutmem command, which does not honor the Secure Boot locking. A local privileged user can remove address ranges from memory creating an opportunity to circumvent Secure Boot protections after proper triage about grub's memory layout.

Mitigation
Install updates from vendor's repository.

Vulnerable software versions

grub: 2.00 - 2.06

External links
http://seclists.org/oss-sec/2021/q1/189

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
Multiple vulnerabilities in Dell PowerFlex rack
Multiple vulnerabilities in Dell PowerFlex Appliance
Multiple vulnerabilities in Dell EMC Cloud Tiering Appliance
Multiple vulnerabilities in Dell Storage Monitoring and Reporting (SMR)
Multiple vulnerabilities in IBM QRadar SIEM
Multiple vulnerabilities in Hitachi Energy APM Edge
Red Hat Enterprise Linux 8.1 update grub2
Red Hat Enterprise Linux 8.2 update for grub2
Red Hat Enterprise Linux 8.4 update for fwupd