GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.
CVE-2020-15706

6.4MEDIUM

Key Information:

Vendor: Ubuntu
Status: Grub2 In Ubuntu
Vendor: CVE Published:; 29 July 2020

🔔 Create Ubuntu Vulnerability Alert

What is CVE-2020-15706?

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

Affected Version(s)

grub2 in Ubuntu 20.04 LTS < 2.04-1ubuntu26.1

grub2 in Ubuntu 18.04 LTS < 2.02-2ubuntu8.16

grub2 in Ubuntu 16.04 LTS < 2.02~beta2-36ubuntu3.26

References

https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the...

x_refsource_CONFIRM

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2S...

vendor-advisoryx_refsource_UBUNTU

http://ubuntu.com/security/notices/USN-4432-1

vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2020
Vulnerability Reserved
Jul 14, 2020

Credit

Chris Coulson

.