A flaw was found in grub2 in versions before 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu grub2 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux server aus 7.2 |
||
redhat enterprise linux server aus 7.3 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server aus 7.7 |
||
redhat enterprise linux server aus 8.2 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server eus 7.7 |
||
redhat enterprise linux server eus 8.1 |
||
redhat enterprise linux server tus 7.4 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux server tus 7.7 |
||
redhat enterprise linux server tus 8.2 |
||
redhat enterprise linux workstation 7.0 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
netapp ontap select deploy administration utility - |