Vulnerability CVE-2022-2601
Published: 2022-12-14

Description:
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.

Type:

CWE-787

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0
Copyright 2026, cxsecurity.com

 

Back to Top