CVE-2020-27779

NameCVE-2020-27779
DescriptionA flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-4867-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
grub2 (PTS)jessie, jessie (lts)2.02~beta2-22+deb8u2vulnerable
stretch (lts), stretch2.02~beta3-5+deb9u3vulnerable
buster (security), buster, buster (lts)2.06-3~deb10u4fixed
bullseye (security), bullseye2.06-3~deb11u6fixed
bookworm (security), bookworm2.06-13+deb12u1fixed
sid, trixie2.12-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
grub2sourcebuster2.02+dfsg1-20+deb10u4DSA-4867-1
grub2source(unstable)2.04-16

Notes

[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
[jessie] - grub2 <ignored> (No SecureBoot support in jessie)

Search for package or bug name: Reporting problems