Vulnerability Description
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Grub2 | >= 2.00, < 2.06-3 |
Related Weaknesses (CWE)
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736Third Party Advisory
- https://security.netapp.com/advisory/ntap-20230825-0002/
- https://www.openwall.com/lists/oss-security/2022/06/07/5Mailing ListThird Party Advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736Third Party Advisory
- https://security.netapp.com/advisory/ntap-20230825-0002/
- https://www.openwall.com/lists/oss-security/2022/06/07/5Mailing ListThird Party Advisory
FAQ
What is CVE-2022-28736?
CVE-2022-28736 is a vulnerability with a CVSS score of 6.4 (MEDIUM). There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support fr...
How severe is CVE-2022-28736?
CVE-2022-28736 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-28736?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Grub2.