ByteOS Network

Vulnerability Details :

CVE-2023-4692

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-25 Oct, 2023 | 10:27

Updated At-23 Nov, 2024 | 03:30

Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:redhat

Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749

Published At:25 Oct, 2023 | 10:27

Updated At:23 Nov, 2024 | 03:30

▼CVE Numbering Authority (CNA)

Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

Affected Products

Collection URL

https://git.savannah.gnu.org/git/grub.git/

Package Name

grub

Versions

Unaffected

From 2.12 before * (custom)

Vendor

Red Hat, Inc.

Product

Red Hat Enterprise Linux 8

Collection URL

https://access.redhat.com/downloads/content/package-browser/

Package Name

grub2

CPEs

cpe:/o:redhat:enterprise_linux:8::baseos

Default Status

affected

Versions

Unaffected

From 1:2.02-156.el8 before * (rpm)

Vendor

Red Hat, Inc.

Product

Red Hat Enterprise Linux 9

Collection URL

https://access.redhat.com/downloads/content/package-browser/

Package Name

grub2

CPEs

cpe:/o:redhat:enterprise_linux:9::baseos

Default Status

affected

Versions

Unaffected

From 1:2.06-77.el9 before * (rpm)

Vendor

Red Hat, Inc.

Product

Red Hat Enterprise Linux 7

Collection URL

https://access.redhat.com/downloads/content/package-browser/

Package Name

grub2

CPEs

cpe:/o:redhat:enterprise_linux:7

Default Status

unknown

Problem Types

Type	CWE ID	Description
CWE	CWE-122	Heap-based Buffer Overflow

Type: CWE

CWE ID: CWE-122

Description: Heap-based Buffer Overflow

Metrics

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Metrics Other Info

Red Hat severity rating

value:

Low

namespace:

https://access.redhat.com/security/updates/classification/

Timeline

Event	Date
Reported to Red Hat.	2023-08-31 00:00:00
Made public.	2023-10-03 00:00:00

Event: Reported to Red Hat.

Date: 2023-08-31 00:00:00

Event: Made public.

Date: 2023-10-03 00:00:00

References

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2024:2456	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3184	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4692	vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2236613	issue-tracking x_refsource_REDHAT
https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/	N/A
https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html	N/A
https://seclists.org/oss-sec/2023/q4/37	N/A

Hyperlink: https://access.redhat.com/errata/RHSA-2024:2456

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://access.redhat.com/errata/RHSA-2024:3184

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://access.redhat.com/security/cve/CVE-2023-4692

Resource:

vdb-entry

x_refsource_REDHAT

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2236613

Resource:

issue-tracking

x_refsource_REDHAT

Hyperlink: https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/

Resource: N/A

Hyperlink: https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html

Resource: N/A

Hyperlink: https://seclists.org/oss-sec/2023/q4/37

Resource: N/A

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2024:2456	vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/errata/RHSA-2024:3184	vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4692	vdb-entry x_refsource_REDHAT x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=2236613	issue-tracking x_refsource_REDHAT x_transferred
https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/	x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/	x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/	x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/	x_transferred
https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html	x_transferred
https://seclists.org/oss-sec/2023/q4/37	x_transferred
https://security.gentoo.org/glsa/202311-14	x_transferred
https://security.netapp.com/advisory/ntap-20231208-0002/	x_transferred

Hyperlink: https://access.redhat.com/errata/RHSA-2024:2456

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://access.redhat.com/errata/RHSA-2024:3184

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://access.redhat.com/security/cve/CVE-2023-4692

Resource:

vdb-entry

x_refsource_REDHAT

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2236613

Resource:

issue-tracking

x_refsource_REDHAT

x_transferred

Hyperlink: https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/

Resource:

x_transferred

Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/

Resource:

x_transferred

Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/

Resource:

x_transferred

Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/

Resource:

x_transferred

Hyperlink: https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html

Resource:

x_transferred

Hyperlink: https://seclists.org/oss-sec/2023/q4/37

Resource:

x_transferred

Hyperlink: https://security.gentoo.org/glsa/202311-14

Resource:

x_transferred

Hyperlink: https://security.netapp.com/advisory/ntap-20231208-0002/

Resource:

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secalert@redhat.com

Published At:25 Oct, 2023 | 18:17

Updated At:16 Sep, 2024 | 16:15

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CPE Matches

GNU

>>grub2>>Versions before 2.12(exclusive)

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>8.0

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>9.0

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov
CWE-122	Secondary	secalert@redhat.com

CWE ID: CWE-787

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-122

Type: Secondary