Pre-boot Authentication Vulnerability in Grub Legacy by GNU
CVE-2008-3896
Currently unrated
Summary
Grub Legacy versions 0.97 and earlier contain a vulnerability where pre-boot authentication passwords are improperly stored in the BIOS Keyboard buffer. This buffer is not cleared before and after usage, allowing local users to access sensitive authentication data by reading physical memory locations tied to the buffer. This security oversight can lead to unauthorized access and compromises overall system security.
References
Timeline
Vulnerability published
Vulnerability Reserved