CVE 2021-20225
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Related bugs and status
CVE-2021-20225 (Candidate) is related to these bugs:
Bug #1915536: one grub
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1915536 | one grub | grub2 (Ubuntu) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2 (Ubuntu Groovy) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu Groovy) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2 (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2 (Ubuntu Focal) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu Focal) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2 (Ubuntu Hirsute) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-signed (Ubuntu Hirsute) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu Focal) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu Groovy) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu Hirsute) | Undecided | Fix Released | ||
| 1915536 | one grub | grub2-unsigned (Ubuntu Xenial) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
