Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-3695

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12.

Published

2022-07-06T16:15:08.210

Last Modified

2024-11-21T06:22:10.483

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.4

Impact Score

6.4

Weaknesses
  • Type: Secondary
    CWE-787
  • Type: Primary
    CWE-787
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application gnu grub2 < 2.12 Yes
Operating System fedoraproject fedora 36 Yes
Application redhat developer_tools 1.0 Yes
Application redhat openshift 3.0 Yes
Operating System redhat enterprise_linux 8.0 Yes
Operating System redhat enterprise_linux 8.1 Yes
Operating System redhat enterprise_linux 8.4 Yes
Operating System redhat enterprise_linux 9.0 Yes
Operating System redhat enterprise_linux_eus 8.2 Yes
Operating System redhat enterprise_linux_eus 8.4 Yes
Operating System redhat enterprise_linux_eus 8.6 Yes
Operating System redhat enterprise_linux_eus 9.0 Yes
Operating System redhat enterprise_linux_for_power_little_endian 8.0 Yes
Operating System redhat enterprise_linux_for_power_little_endian 9.0 Yes
Operating System redhat enterprise_linux_for_power_little_endian_eus 8.2 Yes
Operating System redhat enterprise_linux_for_power_little_endian_eus 8.4 Yes
Operating System redhat enterprise_linux_for_power_little_endian_eus 8.6 Yes
Operating System redhat enterprise_linux_for_power_little_endian_eus 9.0 Yes
Operating System redhat enterprise_linux_server_aus 8.2 Yes
Operating System redhat enterprise_linux_server_aus 8.4 Yes
Operating System redhat enterprise_linux_server_aus 8.6 Yes
Operating System redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.1 Yes
Operating System redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.2 Yes
Operating System redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.4 Yes
Operating System redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.6 Yes
Operating System redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.0 Yes
Operating System redhat enterprise_linux_server_tus 8.2 Yes
Operating System redhat enterprise_linux_server_tus 8.4 Yes
Operating System redhat enterprise_linux_server_tus 8.6 Yes
Application redhat openshift_container_platform 4.6 Yes
Application redhat openshift_container_platform 4.9 Yes
Application redhat openshift_container_platform 4.10 Yes
Operating System redhat enterprise_linux 8.0 No
Application redhat codeready_linux_builder - Yes
Operating System redhat enterprise_linux 8.0 No
Operating System redhat enterprise_linux 9.0 No
Operating System redhat enterprise_linux_eus 8.2 No
Operating System redhat enterprise_linux_eus 8.4 No
Operating System redhat enterprise_linux_eus 8.6 No
Operating System redhat enterprise_linux_eus 9.0 No
Application netapp ontap_select_deploy_administration_utility - Yes
References