CVE-2020-15706

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-15706

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15706.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-15706

Downstream

ALPINE-CVE-2020-15706

BELL-CVE-2020-15706

DEBIAN-CVE-2020-15706

DSA-4735-1

RHSA-2020:3216

RHSA-2020:3217

RHSA-2020:3223

RHSA-2020:3227

RHSA-2020:3271

RHSA-2020:3273

RHSA-2020:3274

RHSA-2020:3275

RHSA-2020:3276

SUSE-SU-2020:14440-1

SUSE-SU-2020:2073-1

SUSE-SU-2020:2074-1

SUSE-SU-2020:2076-1

SUSE-SU-2020:2077-1

SUSE-SU-2020:2078-1

SUSE-SU-2020:2079-1

UBUNTU-CVE-2020-15706

USN-4432-1

openSUSE-SU-2020:1168-1

openSUSE-SU-2020:1169-1

openSUSE-SU-2024:10824-1

Related

Published

2020-07-29T18:15:14.420Z

Modified

2026-02-15T07:39:37.469554Z

Severity

6.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

GRUB2 contains a race condition in grubscriptfunction_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

References

Affected packages

Git / github.com/rails/rails

Affected ranges

Type: GIT
Repo: https://github.com/rails/rails
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

375d9a0a7fb329b0fbbd75a13e93e53a00520587

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15706.json"