In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
This article will explain in detail how GRUB2 native code execution vulnerability CVE-2020-10713 is. The quality of the article is high, so Xiaobian shares it with you as a reference. I hope you have a certain understanding of related knowledge after reading this article.
0x01 Vulnerability Description
On July 31, 2020, 360CERT monitoring found ecrypsium issued a risk notification for GRUB2 buffer overflow vulnerability, the vulnerability number is CVE-2020-10713, vulnerability level: high risk.
GRUB2 has a buffer overflow vulnerability that allows a native attacker to cause arbitrary code execution effects by setting a crafted grub.cfg configuration file.
In this regard, 360CERT recommends that users update GRUB2 in a timely manner. At the same time, please do a good job of asset self-examination and prevention work to avoid hacker attacks.
The upgrade of this vulnerability may cause the original system to fail to start normally. It is recommended to contact the equipment manufacturer for upgrade repair.
0x02 Risk Level
360CERT's assessment of this vulnerability is as follows
Rating Method Threat Level High Risk Impact Area General 0x03 Vulnerability Details
GRUB2 is currently the most popular boot program for *nix operating systems. It allows users to have multiple operating systems simultaneously within the computer, and supports real-time selection of the specified operating system when the computer is booted. GRUB can also be used to select different kernels on an operating system partition and to pass boot parameters to those kernels.
(Note: The boot program takes precedence over the operating system for execution and initialization. Any vulnerability in the boot program will directly affect the computer regardless of whether the operating system has vulnerabilities.)
A buffer overflow vulnerability exists in GRUB2 when processing its own configuration file grub.cfg. By creating a crafted grub.cfg file, a local attacker can gain unrestricted control of the affected device after the next reboot.
Exploitation of the vulnerability requires that an attacker has obtained maximum privileges on the operating system. The main significance of the creation is that it can provide a hidden and long-term resident high-privilege backdoor (Bootkit)
Image quoted from ecrypsium report
0x04 Impact Version
grub2:
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.