{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T11:40:58.199","vulnerabilities":[{"cve":{"id":"CVE-2020-14310","sourceIdentifier":"secalert@redhat.com","published":"2020-07-31T22:15:11.500","lastModified":"2024-11-21T05:02:58.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow."},{"lang":"es","value":"Se presenta un problema en grub2 versiones anteriores a 2.06, en la función read_section_as_string(). Se espera que el nombre de la fuente sea una longitud máxima UINT32_MAX - 1 en bytes, pero no lo verifica antes de proceder con la asignación del búfer para leer el valor desde el valor de la fuente. Un atacante puede aprovechar esto mediante el diseño de un archivo de fuente malicioso que tenga un nombre con UINT32_MAX, conduciendo a la función read_section_as_string () a un desbordamiento aritmético, asignación de tamaño cero y un nuevo desbordamiento de búfer en la región heap de la memoria"}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-190"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*","versionEndExcluding":"2.06","matchCriteriaId":"01F8D62F-70BB-4718-A095-D68540C17EEA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","matchCriteriaId":"92BC9265-6959-4D37-BE5E-8C45E98992F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"831F0F47-3565-4763-B16F-C87B1FF2035E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"B09ACF2D-D83F-4A86-8185-9569605D8EE1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","matchCriteriaId":"B620311B-34A3-48A6-82DF-6F078D7A4493"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","matchCriteriaId":"B009C22E-30A4-4288-BCF6-C3E81DEAF45A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","matchCriteriaId":"815D70A8-47D3-459C-A32C-9FEACA0659D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","matchCriteriaId":"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","matchCriteriaId":"902B8056-9E37-443B-8905-8AA93E2447FB"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14310","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/202104-05","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4432-1/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14310","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/202104-05","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4432-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}