mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-02 00:15:14 +02:00
marc
1.5 KiB
1.5 KiB
CVE-2021-3697
Description
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/EuroLinux/shim-review
- https://github.com/Jurij-Ivastsuk/WAXAR-shim-review
- https://github.com/NaverCloudPlatform/shim-review
- https://github.com/Rodrigo-NR/shim-review
- https://github.com/coreyvelan/shim-review
- https://github.com/ctrliq/ciq-shim-build
- https://github.com/ctrliq/shim-review
- https://github.com/denis-jdsouza/wazuh-vulnerability-report-maker
- https://github.com/lenovo-lux/shim-review
- https://github.com/neppe/shim-review
- https://github.com/ozun215/shim-review
- https://github.com/puzzleos/uefi-shim_review
- https://github.com/rhboot/shim-review
- https://github.com/vathpela/shim-review