Bug#807614: grub2: CVE-2015-8370: buffer overflow when checking password entered during bootup

Thomas Morgan tmorgan at cc-llc.net
Thu Dec 17 22:14:11 UTC 2015


On Thu, 10 Dec 2015 22:43:41 +0100 Salvatore Bonaccorso wrote:
> Source: grub2
> Version: 1.99-27
> Severity: important
> Tags: security upstream patch
> 
> Hi,
> 
> the following vulnerability was published for grub2.
> 
> CVE-2015-8370[0]:
> buffer overflow when checking password entered during bootup
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2015-8370
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1286966
> 
> Please adjust the affected versions in the BTS as needed.
> 
> Regards,
> Salvatore
> 
> 



More information about the Pkg-grub-devel mailing list