UBUNTU-CVE-2024-2312

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2024-2312

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2312.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-2312

Upstream

CVE-2024-2312

Published

2024-04-05T00:00:00Z

Modified

2025-09-08T16:58:53Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.

References

Affected packages

Ubuntu:Pro:14.04:LTS / grub2

Package

Name: grub2
Purl: pkg:deb/ubuntu/grub2@2.02~beta2-9ubuntu1.21?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.00-19ubuntu2

2.00-19ubuntu3

2.00-19ubuntu4

2.00-20

2.00-21

2.00-22

2.02~beta2-5

2.02~beta2-6

2.02~beta2-7

2.02~beta2-8

2.02~beta2-9

2.02~beta2-9ubuntu1

2.02~beta2-9ubuntu1.1

2.02~beta2-9ubuntu1.2

2.02~beta2-9ubuntu1.3

2.02~beta2-9ubuntu1.4

2.02~beta2-9ubuntu1.5

2.02~beta2-9ubuntu1.6

2.02~beta2-9ubuntu1.7

2.02~beta2-9ubuntu1.8

2.02~beta2-9ubuntu1.11

2.02~beta2-9ubuntu1.12

2.02~beta2-9ubuntu1.14

2.02~beta2-9ubuntu1.15

2.02~beta2-9ubuntu1.16

2.02~beta2-9ubuntu1.17

2.02~beta2-9ubuntu1.20

2.02~beta2-9ubuntu1.21

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-common"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-coreboot"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-coreboot-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-amd64"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-amd64-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-arm"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-arm-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-arm64"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-arm64-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-ia32"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-ia32-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-emu"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-firmware-qemu"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-ieee1275"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-ieee1275-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-linuxbios"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-pc"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-pc-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-rescue-pc"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-theme-starfield"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-uboot"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-uboot-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-xen"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-xen-bin"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub2"
        },
        {
            "binary_version": "2.02~beta2-9ubuntu1.21",
            "binary_name": "grub2-common"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2312.json"

Ubuntu:Pro:14.04:LTS / grub2-signed

Package

Name: grub2-signed
Purl: pkg:deb/ubuntu/grub2-signed@1.34.24?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.22

1.23

1.24

1.25

1.26

1.27

1.30

1.31

1.32

1.33

1.34

1.34.1

1.34.2

1.34.3

1.34.4

1.34.5

1.34.6

1.34.7

1.34.8

1.34.9

1.34.13

1.34.14

1.34.16

1.34.17

1.34.18

1.34.20

1.34.22

1.34.24

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.34.24+2.02~beta2-9ubuntu1.21",
            "binary_name": "grub-efi-amd64-signed"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2312.json"

Ubuntu:24.04:LTS / grub2-signed

Package

Name: grub2-signed
Purl: pkg:deb/ubuntu/grub2-signed@1.202?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.202

Affected versions

1.*

1.197

1.199

1.201

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1.202+2.12-1ubuntu7",
            "binary_name": "grub-efi-amd64-signed"
        },
        {
            "binary_version": "1.202+2.12-1ubuntu7",
            "binary_name": "grub-efi-arm64-signed"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2312.json"

Ubuntu:24.04:LTS / grub2-unsigned

Package

Name: grub2-unsigned
Purl: pkg:deb/ubuntu/grub2-unsigned@2.12-1ubuntu7?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-1ubuntu7

Affected versions

2.*

2.12~rc1-10ubuntu4

2.12~rc1-12ubuntu2

2.12-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.12-1ubuntu7",
            "binary_name": "grub-efi-amd64"
        },
        {
            "binary_version": "2.12-1ubuntu7",
            "binary_name": "grub-efi-amd64-bin"
        },
        {
            "binary_version": "2.12-1ubuntu7",
            "binary_name": "grub-efi-arm64"
        },
        {
            "binary_version": "2.12-1ubuntu7",
            "binary_name": "grub-efi-arm64-bin"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2312.json"