An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
References
Configurations
History
03 May 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Apr 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Apr 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Mar 2024, 19:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.gentoo.org/glsa/202311-14 - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20231208-0002/ - Third Party Advisory | |
CPE | cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:* |
08 Dec 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Nov 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-25 18:17
Updated : 2024-05-03 03:16
NVD link : CVE-2023-4693
Mitre link : CVE-2023-4693
CVE.ORG link : CVE-2023-4693
JSON object : View
Products Affected
gnu
- grub2
redhat
- enterprise_linux
CWE
CWE-125
Out-of-bounds Read