Launchpad.net

CVE 2020-27779

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Related bugs and status

CVE-2020-27779 (Candidate) is related to these bugs:

Bug #1915536: one grub

		In	Importance	Status
1915536	one grub	grub2 (Ubuntu)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu)	Undecided	Fix Released
1915536	one grub	grub2 (Ubuntu Groovy)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu Groovy)	Undecided	Fix Released
1915536	one grub	grub2 (Ubuntu Xenial)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu Xenial)	Undecided	Fix Released
1915536	one grub	grub2 (Ubuntu Focal)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu Focal)	Undecided	Fix Released
1915536	one grub	grub2 (Ubuntu Bionic)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu Bionic)	Undecided	Fix Released
1915536	one grub	grub2 (Ubuntu Hirsute)	Undecided	Fix Released
1915536	one grub	grub2-signed (Ubuntu Hirsute)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu Bionic)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu Focal)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu Groovy)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu Hirsute)	Undecided	Fix Released
1915536	one grub	grub2-unsigned (Ubuntu Xenial)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-27779

Related bugs and status

Related bugs

References