Vulnerability CVE-2022-28733: Information
Description
Integer underflow in grub_net_recv_ip4_packets: a maliciously crafted IP packet can cause an integer underflow on the rsm->total_len value in the grub_net_recv_ip4_packets() function. Under certain circumstances the total_len value may wrap around to a small integer, which is then used for memory allocation. If the attack succeeds in this way, subsequent operations can write past the end of the buffer.
Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
grub | sisyphus | 2.06-alt10 | 2.06-alt19 | ALT-PU-2023-1439-1 | 316758 | Fixed |
grub | p10 | 2.06-alt16 | 2.06-alt17 | ALT-PU-2023-6074-2 | 323459 | Fixed |
shim | sisyphus | 15.7-alt3 | 15.8-alt2 | ALT-PU-2023-1438-1 | 316758 | Fixed |
shim | p10 | 15.7-alt3 | 15.8-alt1 | ALT-PU-2023-4656-3 | 326192 | Fixed |
shim | c10f1 | 15.7-alt3 | 15.8-alt1 | ALT-PU-2023-5598-2 | 329504 | Fixed |
shim | c9f2 | 15.7-alt3 | 15.8-alt1 | ALT-PU-2023-4655-3 | 326191 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.openwall.com/lists/oss-security/2022/06/07/5 | |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 | |
https://security.netapp.com/advisory/ntap-20230825-0002/ | |