Vulnerability Details : CVE-2022-28734
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.
Vulnerability category: Memory Corruption
Products affected by CVE-2022-28734
- cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-28734
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 34 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-28734
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.0
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.2
|
4.7
|
NIST | 2024-01-16 |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST | |
|
8.1
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
Canonical Ltd. |
CWE ids for CVE-2022-28734
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-28734
-
https://www.openwall.com/lists/oss-security/2022/06/07/5
oss-security - [SECURITY PATCH 00/30] Multiple GRUB2 vulnerabilities - 2022/06/07 roundMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20230825-0002/
July 2023 Grub Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734
CVE - CVE-2022-28734Third Party Advisory
Jump to