Back to bug 1286966
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Prpič | 2015-12-01 09:09:42 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2015-12-01 09:09:42 UTC | Doc Type | --- | Bug Fix |
| Martin Prpič | 2015-12-01 09:14:36 UTC | Blocks | 1286968 | |
| Tomas Hoger | 2015-12-04 11:30:46 UTC | Comment 1 is private | 1 | 0 |
| Tomas Hoger | 2015-12-04 11:30:59 UTC | Attachment #1100986 Attachment is private | 1 | 0 |
| Tomas Hoger | 2015-12-04 11:41:35 UTC | Whiteboard | impact=moderate,public=20151210,reported=20151201,source=redhat,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,fedora-all/grub2=affected,rhel-7/grub2=affected | impact=moderate,public=20151210,reported=20151201,source=researcher,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cwe=CWE-787,rhel-5/grub=notaffected,rhel-6/grub=notaffected,rhel-7/grub2=affected,fedora-all/grub2=affected |
| Tomas Hoger | 2015-12-04 11:52:55 UTC | Doc Text | A flaw was found in the way the grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system. | |
| Tomas Hoger | 2015-12-04 11:53:23 UTC | Depends On | 1288493 | |
| Tomas Hoger | 2015-12-04 11:53:28 UTC | Depends On | 1288494 | |
| Martin Prpič | 2015-12-04 12:15:09 UTC | Doc Text | A flaw was found in the way the grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system. | A flaw was found in the way grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system. |
| Martin Banas | 2015-12-08 11:24:06 UTC | CC | mbanas | |
| Peter Jones | 2015-12-09 16:15:47 UTC | Status | NEW | MODIFIED |
| Fixed In Version | grub2-2.02-0.31.el7 | |||
| Tomas Hoger | 2015-12-09 20:26:02 UTC | Status | MODIFIED | NEW |
| Fixed In Version | grub2-2.02-0.31.el7 | |||
| Martin Prpič | 2015-12-10 13:13:13 UTC | Summary | EMBARGOED CVE-2015-8370 grub2: buffer overflow when checking password entered during bootup | CVE-2015-8370 grub2: buffer overflow when checking password entered during bootup |
| Martin Prpič | 2015-12-10 13:13:16 UTC | Group | security, qe_staff | |
| Martin Prpič | 2015-12-10 13:14:02 UTC | Depends On | 1290417 | |
| Salvatore Bonaccorso | 2015-12-10 21:34:55 UTC | CC | carnil | |
| Tomas Hoger | 2015-12-15 11:07:38 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2015-12-15 06:07:38 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:40:12 UTC | Whiteboard | impact=moderate,public=20151210,reported=20151201,source=researcher,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cwe=CWE-787,rhel-5/grub=notaffected,rhel-6/grub=notaffected,rhel-7/grub2=affected,fedora-all/grub2=affected | |
| Jan Pazdziora | 2023-07-25 14:57:48 UTC | CC | jpazdziora, pmatouse | |
| Flags | needinfo?(pmatouse) | |||
| Gabriel Gaspar Becker | 2023-08-01 12:56:18 UTC | CC | ggasparb | |
| Petr Matousek | 2023-08-10 11:35:54 UTC | CC | bootloader-eng-team, jaredz, mlewando, pjanda, pkotvan, rharwood | |
| Flags | needinfo?(pmatouse) |
Back to bug 1286966