Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2022-28733

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Integer underflow in grub_net_recv_ip4_packets

Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer.

References

https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking
https://security.netapp.com/advisory/ntap-20230825-0002/
https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list x_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking x_transferred
https://security.netapp.com/advisory/ntap-20230825-0002/ x_transferred
https://security.netapp.com/advisory/ntap-20230825-0002/
https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking
https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list x_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking x_transferred
https://security.netapp.com/advisory/ntap-20230825-0002/ x_transferred
https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking
https://security.netapp.com/advisory/ntap-20230825-0002/
https://www.openwall.com/lists/oss-security/2022/06/07/5 mailing-list x_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733 issue-tracking x_transferred
https://security.netapp.com/advisory/ntap-20230825-0002/ x_transferred

Affected products

grub2

<2.06-3

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>