CVE-2021-3695
MEDIUM
GRUB2 < 2.12 - Out-of-bounds Write via Crafted 16-bit Grayscale PNG Image
Title source: llm
Description
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited, as an attacker needs to perform some triage over the heap layout to achieve significant results; also, the values written into the memory are repeated three times in a row, making it difficult to produce valid payloads. This flaw affects grub2 versions prior to grub-2.12.
References (3)
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1991685
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202209-12
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220930-0001/
Scores
CVSS v3
4.5
EPSS
0.0006
EPSS Percentile
18.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-787
Status
published
Products (34)
fedoraproject/fedora
36
gnu/grub2
2.00 - 2.12
netapp/ontap_select_deploy_administration_utility
redhat/codeready_linux_builder
redhat/developer_tools
1.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux
8.1
redhat/enterprise_linux
8.4
redhat/enterprise_linux
9.0
redhat/enterprise_linux_eus
8.2
... and 24 more
Published
Jul 06, 2022
Tracked Since
Feb 18, 2026