Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Grub2 整数溢出漏洞
Vulnerability Description
GNU GRUB(GRand Unified Bootloader)是GNU计划开发的一套GNU项目的启动引导程序,它允许用户在计算机内同时拥有多个操作系统,并在计算机启动时选择希望运行的操作系统。Grub2是其中的一个增强版。 Grub2 1.98版本至2.02版本中存在整数溢出漏洞。物理位置临近的攻击者可借助grub-core/normal/auth.c文件中的‘grub_username_get’函数和lib/crypto.c文件中的‘grub_password_get’函数中的退格字符利用该漏洞绕
CVSS Information
N/A
Vulnerability Type
N/A