{"id":"UBUNTU-CVE-2021-3696","details":"A heap out-of-bounds write may happen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availability impact may be considered Low as it's very complex for an attacker to control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior to grub-2.12.","modified":"2026-02-04T02:21:04.984946Z","published":"2022-07-06T16:15:00Z","related":["USN-6355-1"],"upstream":["CVE-2021-3696"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3696"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6355-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2021-3696"}],"affected":[{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.34.24?arch=source&distro=esm-infra-legacy/trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.22","1.23","1.24","1.25","1.26","1.27","1.30","1.31","1.32","1.33","1.34","1.34.1","1.34.2","1.34.3","1.34.4","1.34.5","1.34.6","1.34.7","1.34.8","1.34.9","1.34.13","1.34.14","1.34.16","1.34.17","1.34.18","1.34.20","1.34.22","1.34.24"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.34.24+2.02~beta2-9ubuntu1.21"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.167~16.04.6?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.55","1.56","1.57","1.58","1.59","1.61","1.62","1.63","1.64","1.65","1.66","1.66.1","1.66.2","
1.66.6","1.66.7","1.66.8","1.66.9","1.66.11","1.66.12","1.66.14","1.66.15","1.66.16","1.66.17","1.66.18","1.66.19","1.66.20","1.66.21","1.66.22","1.66.23","1.66.26","1.66.27","1.66.28","1.66.29","1.167~16.04.1","1.167~16.04.2","1.167~16.04.4","1.167~16.04.6"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.167~16.04.6+2.04-1ubuntu44.1.2"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.167~16.04.6+2.04-1ubuntu44.1.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.04-1ubuntu44.1.2?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.04-1ubuntu44","2.04-1ubuntu44.1","2.04-1ubuntu44.1.2"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64","binary_version":"2.04-1ubuntu44.1.2"},{"binary_name":"grub-efi-amd64-bin","binary_version":"2.04-1ubuntu44.1.2"},{"binary_name":"grub-efi-arm64","binary_version":"2.04-1ubuntu44.1.2"},{"binary_name":"grub-efi-arm64-bin","binary_version":"2.04-1ubuntu44.1.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.3~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.3~18.04.1"}]}],"versions":["1.85","1.86","1.87","1.89","1.91","1.92","1.93","1.93.1","1.93.2","1.93.3","1.93.4","1.93.5","1.93.7","1.93.8","1.93.10","1.93.11","1.93.13","1.93.14","1.93.15","1.93.16","1.93.18","1.93.19","1.93.20","1.93.21","1.93.22","1.93.24","1.167~18.04.1","1.167~18.04.3","1.167~18.04.5","1.173.2~18.04.1","1.187.2~18.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64-signed"
,"binary_version":"1.187.3~18.04.1+2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.187.3~18.04.1+2.06-2ubuntu14.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.06-2ubuntu14.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-2ubuntu14.1"}]}],"versions":["2.04-1ubuntu44","2.04-1ubuntu44.1","2.04-1ubuntu44.1.2","2.04-1ubuntu47.4","2.06-2ubuntu14"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-amd64-bin","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-bin","binary_version":"2.06-2ubuntu14.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.3~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.3~20.04.1"}]}],"versions":["1.128","1.129","1.130","1.131","1.133","1.134","1.135","1.136","1.137","1.138","1.139","1.140","1.141","1.142","1.142.1","1.142.3","1.142.4","1.142.5","1.142.6","1.142.8","1.142.9","1.142.10","1.142.11","1.167","1.167.2","1.173.2~20.04.1","1.173.4","1.187.2~20.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.187.3~20.04.1+2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.187.3~20.04.1+2.06-2ubuntu14.1"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.06-2ubuntu14.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-2ubuntu14.1"}]}],"versions":["2.04-1ubuntu44","2.04-1ubuntu44.2","2.04-1ubuntu47.4","2.04-1ubuntu47.5","2.06-2ubuntu14"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-amd64-bin","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-bin","binary_version":"2.06-2ubuntu14.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.3~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.3~22.04.1"}]}],"versions":["1.173","1.174","1.176","1.177","1.178","1.179","1.180","1.182~22.04.1","1.187.2"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.187.3~22.04.1+2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.187.3~22.04.1+2.06-2ubuntu14.1"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.06-2ubuntu14.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-2ubuntu14.1"}]}],"versions":["2.04-1ubuntu47","2.04-1ubuntu48","2.06-2ubuntu3","2.06-2ubuntu4","2.06-2ubuntu5","2.06-2ubuntu6","2.06-2ubuntu7","2.06-2ubuntu10","2.06-2ubuntu14"],"ecosystem_specific":{"binaries":[{"binary_name":"grub-efi-amd64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-amd64-bin","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64","binary_version":"2.06-2ubuntu14.1"},{"binary_name":"grub-efi-arm64-bin","binary_version":"2.06-2ubuntu14.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3696.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"medium"}]}