CVE-2024-2312
Published: 5 April 2024
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
Notes
Author | Note |
---|---|
eslerm | the grub2 package does not affect Ubuntu's Secure Boot grub2-unsigned contains Secure Boot security fixes grub2 and grub2-unsigned should have same major version Ubuntu Secure Boot and ESM do not cover i386 trusty's GA kernel cannot handle new versions of grub Note that key revocation is required to protect against evil housekeeper attacks (such as BlackLotus) |
mdeslaur | this is fixed in grub2-unsigned (2.12~rc1-10ubuntu4.2) and grub2-signed (1.197.2) in mantic-proposed. |
Priority
Status
Package | Release | Status |
---|---|---|
grub2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(does not affect Secure Boot)
|
focal |
Not vulnerable
(does not affect Secure Boot)
|
|
jammy |
Not vulnerable
(does not affect Secure Boot)
|
|
mantic |
Not vulnerable
(does not affect Secure Boot)
|
|
noble |
Not vulnerable
(does not affect Secure Boot)
|
|
trusty |
Ignored
(update incompatible with kernel)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(does not affect Secure Boot)
|
|
grub2-signed Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
jammy |
Not vulnerable
(code not present)
|
|
mantic |
Needed
|
|
noble |
Released
(1.202)
|
|
trusty |
Ignored
(update incompatible with kernel)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
grub2-unsigned Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
jammy |
Not vulnerable
(code not present)
|
|
mantic |
Needed
|
|
noble |
Released
(2.12-1ubuntu7)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 6.7 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | High |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |