Univention Bugzilla – Bug 40282
grub2: CVE-2015-8370 (3.2)
Last modified: 2016-06-01 16:12:07 CEST
+++ This bug was initially created as a clone of Bug #40281 +++ The following issues have been identified in grub2: * buffer overflow when checking password entered during bootup (CVE-2015-8370) Fixed in squeeze version 1.98+20100804-14+squeeze2.
r16548 Upstream fix backported as grub2/3.2-0-0-ucs/2.00-18-errata3.2-8/CVE-2015-8370.patch r69570 Advisory: grub2.yaml
How to reproduce: --- /etc/grub.d/00_header +++ /etc/grub.d/00_header @@ -315,3 +315,8 @@ if [ "x${GRUB_BADRAM}" != "x" ] ; then echo "badram ${GRUB_BADRAM}" fi + +cat <<EOF +set superusers="benutzer" +password benutzer univention +EOF update-grub shutdown -r now On username and password prompt press Backspace at least 28 times, before trying to enter the username or password.
Tests (amd64 KVM, i386 KVM): OK
OK: amd64 @ kvm OK: i386 @ kvm both did not crash bat did not accept correctly entered credentials - now works OK: dpkg-query -W grub-common # 2.00-18.110.201605271548 OK: zless /usr/share/doc/grub-common/changelog.Debian.gz OK: errata-announce -V --only grub2.yaml FIXED: r69641 grub2.yaml
<http://errata.software-univention.de/ucs/3.2/428.html>