Pre-boot Authentication Vulnerability in Grub Legacy by GNU
CVE-2008-3896

Currently unrated

Key Information:

Vendor
Gnu
Vendor
CVE Published:
3 September 2008

Summary

Grub Legacy versions 0.97 and earlier contain a vulnerability where pre-boot authentication passwords are improperly stored in the BIOS Keyboard buffer. This buffer is not cleared before and after usage, allowing local users to access sensitive authentication data by reading physical memory locations tied to the buffer. This security oversight can lead to unauthorized access and compromises overall system security.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.