{"id":"USN-6410-1","summary":"grub2-signed, grub2-unsigned vulnerabilities","details":"It was discovered that a specially crafted file system image could cause a\nheap-based out-of-bounds write. A local attacker could potentially use this\nto perform arbitrary code execution and bypass secure boot\nprotections. (CVE-2023-4692)\n\nIt was discovered that a specially crafted file system image could cause an\nout-of-bounds read. A physically-present attacker could possibly use this\nto leak sensitive information to the GRUB pager. (CVE-2023-4693)\n","modified":"2026-04-27T16:53:45.962610Z","published":"2023-10-04T01:31:42Z","related":["UBUNTU-CVE-2023-4692","UBUNTU-CVE-2023-4693"],"upstream":["CVE-2023-4692","CVE-2023-4693","UBUNTU-CVE-2023-4692","UBUNTU-CVE-2023-4693"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6410-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4692"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4693"}],"affected":[{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.6~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.6~20.04.1"}]}],"versions":["1.128","1.129","1.130","1.131","1.133","1.134","1.135","1.136","1.137","1.138","1.139","1.140","1.141","1.142","1.142.1","1.142.3","1.142.4","1.142.5","1.142.6","1.142.8","1.142.9","1.142.10","1.142.11","1.167","1.167.2","1.173.2~20.04.1","1.173.4","1.187.2~20.04.2","1.187.3~20.04.1","1.187.4~20.04.1"],"ecosystem_specific":{"availability":"No subscription 
required","binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.187.6~20.04.1+2.06-2ubuntu14.4"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.187.6~20.04.1+2.06-2ubuntu14.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4692"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4693"}],"ecosystem":"Ubuntu:20.04:LTS"}}},{"package":{"name":"grub2-signed","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-signed@1.187.6?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.187.6"}]}],"versions":["1.173","1.174","1.176","1.177","1.178","1.179","1.180","1.182~22.04.1","1.187.2","1.187.3~22.04.1","1.187.4~22.04.1"],"ecosystem_specific":{"availability":"No subscription 
required","binaries":[{"binary_name":"grub-efi-amd64-signed","binary_version":"1.187.6+2.06-2ubuntu14.4"},{"binary_name":"grub-efi-arm64-signed","binary_version":"1.187.6+2.06-2ubuntu14.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4692"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4693"}],"ecosystem":"Ubuntu:22.04:LTS"}}},{"package":{"name":"grub2-unsigned","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/grub2-unsigned@2.06-2ubuntu14.4?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-2ubuntu14.4"}]}],"versions":["2.04-1ubuntu47","2.04-1ubuntu48","2.06-2ubuntu3","2.06-2ubuntu4","2.06-2ubuntu5","2.06-2ubuntu6","2.06-2ubuntu7","2.06-2ubuntu10","2.06-2ubuntu14","2.06-2ubuntu14.1","2.06-2ubuntu14.2"],"ecosystem_specific":{"availability":"No subscription 
required","binaries":[{"binary_name":"grub-efi-amd64","binary_version":"2.06-2ubuntu14.4"},{"binary_name":"grub-efi-amd64-bin","binary_version":"2.06-2ubuntu14.4"},{"binary_name":"grub-efi-arm64","binary_version":"2.06-2ubuntu14.4"},{"binary_name":"grub-efi-arm64-bin","binary_version":"2.06-2ubuntu14.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6410-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4692"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-4693"}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.5"}