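A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file. Because any local account can read the hashes, they are exposed to offline password guessing; a grub.cfg that contains password directives should be readable only by root.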
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "2.00-20", "binary_name": "grub-common" }, { "binary_version": "2.00-20", "binary_name": "grub-coreboot" }, { "binary_version": "2.00-20", "binary_name": "grub-coreboot-bin" }, { "binary_version": "2.00-20", "binary_name": "grub-coreboot-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-efi" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-amd64" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-amd64-bin" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-amd64-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-ia32" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-ia32-bin" }, { "binary_version": "2.00-20", "binary_name": "grub-efi-ia32-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-emu" }, { "binary_version": "2.00-20", "binary_name": "grub-emu-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-firmware-qemu" }, { "binary_version": "2.00-20", "binary_name": "grub-ieee1275" }, { "binary_version": "2.00-20", "binary_name": "grub-ieee1275-bin" }, { "binary_version": "2.00-20", "binary_name": "grub-ieee1275-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-linuxbios" }, { "binary_version": "2.00-20", "binary_name": "grub-mount-udeb" }, { "binary_version": "2.00-20", "binary_name": "grub-pc" }, { "binary_version": "2.00-20", "binary_name": "grub-pc-bin" }, { "binary_version": "2.00-20", "binary_name": "grub-pc-dbg" }, { "binary_version": "2.00-20", "binary_name": "grub-rescue-pc" }, { "binary_version": "2.00-20", "binary_name": "grub-theme-starfield" }, { "binary_version": "2.00-20", "binary_name": "grub2" }, { "binary_version": "2.00-20", "binary_name": "grub2-common" } ] }