CVE-2020-14308

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-14308

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14308.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-14308

Downstream

ALPINE-CVE-2020-14308

DEBIAN-CVE-2020-14308

DSA-4735-1

RHSA-2020:3216

RHSA-2020:3217

RHSA-2020:3223

RHSA-2020:3227

RHSA-2020:3271

RHSA-2020:3273

RHSA-2020:3274

RHSA-2020:3275

RHSA-2020:3276

SUSE-SU-2020:14440-1

SUSE-SU-2020:2073-1

SUSE-SU-2020:2074-1

SUSE-SU-2020:2076-1

SUSE-SU-2020:2077-1

SUSE-SU-2020:2078-1

SUSE-SU-2020:2079-1

UBUNTU-CVE-2020-14308

USN-4432-1

openSUSE-SU-2020:1168-1

openSUSE-SU-2020:1169-1

openSUSE-SU-2024:10824-1

Related

Published

2020-07-29T20:15:12Z

Modified

2025-08-09T19:01:27Z

Severity

6.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.

References

Affected packages