Bugs fixes in "grub2-unsigned"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bi | 2023-01-11 |
| CVE | CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size | 2023-01-11 |
| Launchpad | 1987924 | GRUB may execute the kernel w/ dirty instruction cache on arm64 | 2023-01-11 |
| Launchpad | 1995751 | update to 2.04-1ubuntu47.4 drops zz-update-grub | 2023-01-11 |
| Launchpad | 1987924 | GRUB may execute the kernel w/ dirty instruction cache on arm64 | 2022-12-09 |
| Launchpad | 1995751 | update to 2.04-1ubuntu47.4 drops zz-update-grub | 2022-12-09 |
| CVE | CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to | 2022-11-30 |
| CVE | CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Co | 2022-11-30 |
| CVE | CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data co | 2022-11-30 |
| Launchpad | 1930742 | cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable | 2022-11-30 |
| CVE | CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to | 2022-11-30 |
| CVE | CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Co | 2022-11-30 |
| CVE | CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data co | 2022-11-30 |
| Launchpad | 1930742 | cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable | 2022-11-30 |
| CVE | CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to | 2022-11-30 |
| CVE | CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Co | 2022-11-30 |
| CVE | CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data co | 2022-11-30 |
| Launchpad | 1930742 | cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable | 2022-11-30 |
| CVE | CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to | 2022-10-26 |
| CVE | CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Co | 2022-10-26 |
About
-
Send Feedback to @ubuntu_updates
