There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P
Vendors Products
Redhat
  • Enterprise Linux
  • Enterprise Linux Server Tus
  • Enterprise Linux Server Aus
  • Enterprise Linux Eus
Opensuse
  • Leap
Gnu
  • Grub2
Canonical
  • Ubuntu Linux

Configuration 1 [-]

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/17/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/17/4 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/21/1 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14311 Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/202104-05 Third Party Advisory
https://usn.ubuntu.com/4432-1/ Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2020-07-31T20:56:30

Updated: 2021-09-21T11:06:35

Reserved: 2020-06-17T00:00:00

Link: CVE-2020-14311

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2020-07-31T22:15:11.597

Modified: 2023-11-07T03:17:08.243

Link: CVE-2020-14311

JSON object: View

cve-icon Redhat Information

No data.

CWE