{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2015-8370","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2024-10-21T16:51:57.721Z","dateReserved":"2015-11-27T00:00:00.000Z","datePublished":"2015-12-16T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-01-16T00:06:19.101Z"},"descriptions":[{"lang":"en","value":"Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an \"Off-by-two\" or \"Out of bounds overwrite\" memory error."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html"},{"name":"openSUSE-SU-2015:2392","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html"},{"name":"openSUSE-SU-2016:0036","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html"},{"url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html"},{"name":"79358","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/79358"},{"name":"openSUSE-SU-2015:2375","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html"},{"name":"1034422","tags":["vdb-entry"],"url":"http://www.securitytracker.com/id/1034422"},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"name":"SUSE-SU-2015:2387","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html"},{"name":"SUSE-SU-2015:2386","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html"},{"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"name":"[oss-security] 20151215 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2015/12/15/6"},{"name":"20151215 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list"],"url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded"},{"name":"SUSE-SU-2015:2385","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html"},{"name":"20151216 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list"],"url":"http://seclists.org/fulldisclosure/2015/Dec/69"},{"name":"GLSA-201512-03","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/201512-03"},{"name":"FEDORA-2015-cebe5133e7","tags":["vendor-advisory"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html"},{"name":"USN-2836-1","tags":["vendor-advisory"],"url":"http://www.ubuntu.com/usn/USN-2836-1"},{"name":"FEDORA-2015-90c27b6e91","tags":["vendor-advisory"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html"},{"name":"RHSA-2015:2623","tags":["vendor-advisory"],"url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html"},{"name":"SUSE-SU-2015:2399","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html"},{"name":"DSA-3421","tags":["vendor-advisory"],"url":"http://www.debian.org/security/2015/dsa-3421"},{"name":"[oss-security] 20240116 CVE-2023-4001: a password bypass vulnerability in the downstream GRUB boot manager","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2024/01/15/3"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}],"datePublic":"2015-12-10T00:00:00.000Z"},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T08:13:32.834Z"},"title":"CVE Program Container","references":[{"url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html","tags":["x_transferred"]},{"name":"openSUSE-SU-2015:2392","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html"},{"name":"openSUSE-SU-2016:0036","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html"},{"url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html","tags":["x_transferred"]},{"name":"79358","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/79358"},{"name":"openSUSE-SU-2015:2375","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html"},{"name":"1034422","tags":["vdb-entry","x_transferred"],"url":"http://www.securitytracker.com/id/1034422"},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","tags":["x_transferred"]},{"name":"SUSE-SU-2015:2387","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html"},{"name":"SUSE-SU-2015:2386","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html"},{"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","tags":["x_transferred"]},{"name":"[oss-security] 20151215 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2015/12/15/6"},{"name":"20151215 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list","x_transferred"],"url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded"},{"name":"SUSE-SU-2015:2385","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html"},{"name":"20151216 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]","tags":["mailing-list","x_transferred"],"url":"http://seclists.org/fulldisclosure/2015/Dec/69"},{"name":"GLSA-201512-03","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/201512-03"},{"name":"FEDORA-2015-cebe5133e7","tags":["vendor-advisory","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html"},{"name":"USN-2836-1","tags":["vendor-advisory","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2836-1"},{"name":"FEDORA-2015-90c27b6e91","tags":["vendor-advisory","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html"},{"name":"RHSA-2015:2623","tags":["vendor-advisory","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html"},{"name":"SUSE-SU-2015:2399","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html"},{"name":"DSA-3421","tags":["vendor-advisory","x_transferred"],"url":"http://www.debian.org/security/2015/dsa-3421"},{"name":"[oss-security] 20240116 CVE-2023-4001: a password bypass vulnerability in the downstream GRUB boot manager","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2024/01/15/3"}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-191","lang":"en","description":"CWE-191 Integer Underflow (Wrap or Wraparound)"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.4,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"HIGH","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-03-06T21:01:48.674436Z","id":"CVE-2015-8370","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-21T16:51:57.721Z"}}]}}