CVE-2022-2601: Buffer Overflow
First published: Mon Aug 01 2022(Updated: )
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 11 | =24H2 | |
| Microsoft Windows Server 2022 | ||
| Microsoft Windows 11 | =23H2 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Windows 11 | =23H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | ||
| Microsoft Windows Server 2022 | ||
| Microsoft Windows 11 | =24H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Azure Linux 3.0 x64 | ||
| Microsoft Windows 10 | =1809 | |
| Microsoft Azure Linux 3.0 ARM | ||
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows Server 2012 R2 | ||
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows Server 2012 R2 | ||
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows 10 | ||
| Microsoft Windows Server 2016 | ||
| redhat/grub | <2.06 | 2.06 |
| Microsoft Windows Server 2012 x64 | ||
| Microsoft Windows Server 2012 x64 | ||
| Microsoft CBL-Mariner | ||
| Microsoft CBL-Mariner | ||
| Microsoft CBL-Mariner | ||
| Microsoft CBL-Mariner | ||
| Microsoft Windows Server 2022 23H2 | ||
| GRUB 2 | <=2.06 | |
| Fedora | =37 | |
| redhat enterprise Linux eus | =9.0 | |
| redhat enterprise Linux for power little endian eus | =9.0 | |
| redhat enterprise Linux server aus | =8.2 | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.1 | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.2 | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =9.0 | |
| redhat enterprise Linux server tus | =8.2 | |
| redhat enterprise Linux server update services for sap solutions | =8.1 | |
| redhat enterprise Linux server update services for sap solutions | =8.2 | |
| redhat enterprise Linux server update services for sap solutions | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0
- https://security.netapp.com/advisory/ntap-20230203-0004/
- https://security.gentoo.org/glsa/202311-14
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2142996
- https://access.redhat.com/errata/RHSA-2022:8494
- https://access.redhat.com/errata/RHSA-2022:8800
- https://access.redhat.com/errata/RHSA-2022:8978
- https://access.redhat.com/errata/RHSA-2023:0049
- https://access.redhat.com/errata/RHSA-2023:0048
- https://access.redhat.com/errata/RHSA-2023:0047
- https://access.redhat.com/errata/RHSA-2023:0752
- https://access.redhat.com/security/cve/cve-2022-2601
- https://access.redhat.com/errata/RHSA-2024:2002
- https://bugzilla.redhat.com/show_bug.cgi?id=2112975
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2601 (Advisory)
Frequently Asked Questions
What is the vulnerability ID of this buffer overflow?
The vulnerability ID is CVE-2022-2601.
What software is affected by CVE-2022-2601?
The affected software includes Gnu Grub2, Fedora 37, Redhat Enterprise Linux Eus, Redhat Enterprise Linux For Power Little Endian Eus, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions, Redhat Enterprise Linux Server Tus, Redhat Enterprise Linux Server Update Services For Sap Solutions.
What is the severity rating of CVE-2022-2601?
CVE-2022-2601 has a severity rating of 8.6 (high).
What are the Common Weakness Enumerations (CWE) associated with CVE-2022-2601?
The common weakness enumerations (CWE) associated with CVE-2022-2601 are CWE-119, CWE-122, and CWE-787.
Where can I find more information about CVE-2022-2601?
You can find more information about CVE-2022-2601 at the following references: [1](https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0), [2](https://security.netapp.com/advisory/ntap-20230203-0004/), [3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2142996).
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/event
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-2601
- collector/msrc
- agent/last-modified-date
- agent/source
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows 10
- version/microsoft windows 10/21h2
- canonical/microsoft windows 11
- version/microsoft windows 11/24h2
- canonical/microsoft windows server 2022
- version/microsoft windows 11/23h2
- canonical/microsoft windows server 2019
- version/microsoft windows 10/1607
- canonical/microsoft azure linux 3.0 x64
- version/microsoft windows 10/1809
- canonical/microsoft azure linux 3.0 arm
- version/microsoft windows 11/21h2
- version/microsoft windows 10/22h2
- canonical/microsoft windows server 2012 r2
- canonical/microsoft windows server 2016
- version/microsoft windows 11/22h2
- package-manager/redhat
- canonical/microsoft windows server 2012 x64
- canonical/microsoft cbl-mariner
- canonical/microsoft windows server 2022 23h2
- vendor/gnu
- canonical/grub 2
- version/grub 2/2.06
- vendor/fedoraproject
- canonical/fedora
- version/fedora/37
- vendor/redhat
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/9.0
- canonical/redhat enterprise linux for power little endian eus
- version/redhat enterprise linux for power little endian eus/9.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/8.2
- canonical/redhat enterprise linux server for power little endian update services for sap solutions
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.1
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.2
- version/redhat enterprise linux server for power little endian update services for sap solutions/9.0
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/8.2
- canonical/redhat enterprise linux server update services for sap solutions
- version/redhat enterprise linux server update services for sap solutions/8.1
- version/redhat enterprise linux server update services for sap solutions/8.2
- version/redhat enterprise linux server update services for sap solutions/9.0