CVE-2021-20225

Summary

A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected Software

VendorProductVersion RangeStatus
n/agrub2grub 2.06affected

Weaknesses

  • CWE-787: CWE-787

ADP Enrichment

CVE Program Container

Additional References

References