CVE-2022-28734

HIGH8.1

Out-of-bounds write when handling split HTTP headers

Published Jul 20, 2023

Modified 11 months ago

No fix available

Details

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.

References

WEBhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734 WEBhttps://security.netapp.com/advisory/ntap-20230825-0002/ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2022-28734 WEBhttps://www.openwall.com/lists/oss-security/2022/06/07/5

CVSS Analysis

CVSS v3.1

8.1

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

HighAC:H

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

8.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedJul 20, 2023

ModifiedFeb 13, 2025