Vulnerability CVE-2021-20225

Vulnerability Name:

CVE-2021-20225 (CCN-197608)

Assigned:

2020-12-17

Published:

2021-03-02

Updated:

2022-04-18

Summary:

A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS v3 Severity:

6.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-787
CWE-787

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2021-20225

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1924696

Source: XF
Type: UNKNOWN
gnugrub-cve202120225-code-exec(197608)

Source: CCN
Type: GRUB GIT Repository
GNU GRUB2

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-cab258a413

Source: CCN
Type: oss-sec Mailing List, Tue, 2 Mar 2021 18:13:44 +0000
Multiple GRUB2 vulnerabilities

Source: GENTOO
Type: Third Party Advisory
GLSA-202104-05

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20220325-0001/

Source: CCN
Type: IBM Security Bulletin 6475265 (QRadar SIEM)
GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:grub2:*:*:*:*:*:*:*:* (Version < 2.06)

Configuration 2:

cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:8.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 8:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 9:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:grub2:-:*:*:*:*:*:*:*

AND

cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.0:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8018	P	groovy-lib-2.4.21-150200.3.7.4 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7519	P	grub2-2.06-150500.27.4 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:93318	P	(Important)	2022-07-14
oval:org.opensuse.security:def:3480	P	ecryptfs-utils-103-8.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3570	P	libXvnc1-1.6.0-22.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94682	P	libpango-1_0-0-1.50.4-150400.1.5 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94573	P	grub2-2.06-150400.9.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95110	P	grub2-x86_64-xen-2.06-150400.9.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2943	P	grub2-2.06-150400.9.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:75	P	grub2-2.04-20.4 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:93165	P	(Moderate)	2022-03-04
oval:org.opensuse.security:def:99208	P	(Important)	2022-02-04
oval:org.opensuse.security:def:112366	P	grub2-2.06-7.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105877	P	Security update for postgresql10 (Important)	2021-12-14
oval:org.opensuse.security:def:102219	P	Security update for libvirt (Moderate)	2021-11-05
oval:org.opensuse.security:def:99405	P	(Important)	2021-08-17
oval:org.opensuse.security:def:63331	P	grub2-x86_64-xen-2.04-20.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101395	P	redis-6.0.10-1.7.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2242	P	grub2-x86_64-xen-2.04-20.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:1004	P	grub2-2.04-20.4 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100851	P	grub2-2.04-20.4 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71834	P	grub2-2.04-20.4 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62093	P	grub2-2.04-20.4 on GA media (Moderate)	2021-08-09
oval:com.redhat.rhsa:def:20212566	P	RHSA-2021:2566: fwupd security update (Moderate)	2021-06-29
oval:com.redhat.rhsa:def:20211734	P	RHSA-2021:1734: shim security update (Moderate)	2021-05-18
oval:org.opensuse.security:def:111284	P	Security update for grub2 (Important)	2021-03-22
oval:org.opensuse.security:def:30034	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:57174	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:84277	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:41346	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:45776	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:117575	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:9854	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:92258	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:102789	P	Security update for grub2 (Important)	2021-03-02
oval:com.redhat.rhsa:def:20210696	P	RHSA-2021:0696: grub2 security update (Moderate)	2021-03-02
oval:org.opensuse.security:def:5958	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:69107	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:33090	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:59599	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:86731	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:24029	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:54769	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:82153	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:127227	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:108885	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:73781	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:93012	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:97256	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:9097	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:70353	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:100115	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:89254	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:31351	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:57561	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:84735	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:21419	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:51172	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:95506	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:118551	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:10213	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:92455	P	Security update for grub2 (Important)	2021-03-02
oval:com.redhat.rhsa:def:20210699	P	RHSA-2021:0699: grub2 security update (Moderate)	2021-03-02
oval:org.opensuse.security:def:69599	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:33776	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:59857	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:87554	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:28946	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:55302	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:82686	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:109455	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:76115	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:97257	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:9459	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:70545	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:64659	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:89512	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:31738	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:58090	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:85815	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:23184	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:51741	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:96099	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:125662	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:10405	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:92654	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:8710	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:69795	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:99604	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:34034	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:60467	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:88257	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:29479	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:55857	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:83241	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:40242	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:44672	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:97258	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:9655	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:92063	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:67047	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:99013	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:58913	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:86202	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:23753	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:52017	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:81113	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:126830	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:108061	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:92853	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:8902	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:69994	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:99803	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:34644	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:88574	P	Security update for grub2 (Important)	2021-03-02

BACK