Vulnerability Description
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Grub2 | < 2.06 |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.2 |
| Redhat | Enterprise Linux Server Eus | 7.6 |
| Redhat | Enterprise Linux Server Tus | 7.4 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Fedoraproject | Fedora | 33 |
| Netapp | Ontap Select Deploy Administration Utility | - |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1899966Issue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202104-05Third Party Advisory
- https://security.netapp.com/advisory/ntap-20220325-0001/Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1899966Issue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202104-05Third Party Advisory
- https://security.netapp.com/advisory/ntap-20220325-0001/Third Party Advisory
FAQ
What is CVE-2020-27749?
CVE-2020-27749 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary...
How severe is CVE-2020-27749?
CVE-2020-27749 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-27749?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Grub2, Redhat Enterprise Linux, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus, Redhat Enterprise Linux Server Tus.