{"id":"USN-6410-1","summary":"grub2-signed, grub2-unsigned vulnerabilities","details":"It was discovered that a specially crafted file system image could cause a\nheap-based out-of-bounds write. A local attacker could potentially use this\nto perform arbitrary code execution and bypass secure boot\nprotections. (CVE-2023-4692)\n\nIt was discovered that a specially crafted file system image could cause an\nout-of-bounds read. A physically-present attacker could possibly use this\nto leak sensitive information to the GRUB pager. (CVE-2023-4693)\n","modified":"2026-02-10T04:43:20Z","published":"2023-10-04T01:31:42Z","related":["UBUNTU-CVE-2023-4692","UBUNTU-CVE-2023-4693"],"upstream":["CVE-2023-4692","CVE-2023-4693","UBUNTU-CVE-2023-4692","UBUNTU-CVE-2023-4693"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6410-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4692"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4693"}],"affected":[{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.6~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.6~20.04.1"}]}],"versions":["1.128","1.129","1.130","1.131","1.133","1.134","1.135","1.136","1.137","1.138","1.139","1.140","1.141","1.142","1.142.1","1.142.3","1.142.4","1.142.5","1.142.6","1.142.8","1.142.9","1.142.10","1.142.11","1.167","1.167.2","1.173.2~20.04.1","1.173.4","1.187.2~20.04.2","1.187.3~20.04.1","1.187.4~20.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.187.6~20.04.1+2.06-2ubuntu14.4","binary_name":"grub-efi-amd64-signed"},{"binary_version":"1.187.6~20.04.1+2.06-2ubuntu14.4","binary_name":"grub-efi-arm64-signed"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2023-4692","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-4693","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.6?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.6"}]}],"versions":["1.173","1.174","1.176","1.177","1.178","1.179","1.180","1.182~22.04.1","1.187.2","1.187.3~22.04.1","1.187.4~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.187.6+2.06-2ubuntu14.4","binary_name":"grub-efi-amd64-signed"},{"binary_version":"1.187.6+2.06-2ubuntu14.4","binary_name":"grub-efi-arm64-signed"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2023-4692","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-4693","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.06-2ubuntu14.4?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-2ubuntu14.4"}]}],"versions":["2.04-1ubuntu47","2.04-1ubuntu48","2.06-2ubuntu3","2.06-2ubuntu4","2.06-2ubuntu5","2.06-2ubuntu6","2.06-2ubuntu7","2.06-2ubuntu10","2.06-2ubuntu14","2.06-2ubuntu14.1","2.06-2ubuntu14.2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.06-2ubuntu14.4","binary_name":"grub-efi-amd64"},{"binary_version":"2.06-2ubuntu14.4","binary_name":"grub-efi-amd64-bin"},{"binary_version":"2.06-2ubuntu14.4","binary_name":"grub-efi-arm64"},{"binary_version":"2.06-2ubuntu14.4","binary_name":"grub-efi-arm64-bin"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2023-4692","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-4693","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}