Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-868-1: GRUB 2 vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-868-1: GRUB 2 vulnerability
# 1  
Old 12-08-2009
USN-868-1: GRUB 2 vulnerability
Referenced CVEs:
CVE-2009-4128


Description:
=========================================================== Ubuntu Security Notice USN-868-1 December 09, 2009 grub2 vulnerability CVE-2009-4128 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: grub2 1.97~beta4-1ubuntu4.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Users who have upgraded from GRUB Legacy to GRUB 2 and are still using Grub Legacy to chainload into GRUB 2, you will have to run the following command (possibly adjusting 'hd0') to update GRUB 2's on disk core image: $ sudo grub-install --no-floppy --grub-setup=/bin/true "(hd0)" If you previously ran 'upgrade-from-grub-legacy', a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that GRUB 2 did not properly validate passwords. An attacker with physical access could conduct a brute force attack and bypass authentication by submitting a 1 character password.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

cpg_zcb_free

CPG_ZCB_FREE(2009-04-15)												  CPG_ZCB_FREE(2009-04-15)

NAME

       cpg_zcb_free - Frees a zero copy buffer #include <corosync/cpg.h>

       int cpg_zcb_fre(cpg_handle_t handle, void *buffer);

DESCRIPTION

       The cpg_zcb_free function will free a zero copy buffer.

       The argument handle describes the handle on which the buffer will be allocated.

       The argument buffer is the zero copy buffer to free.

RETURN VALUE

       This call returns the CPG_OK value if successful, otherwise an error is returned.

ERRORS

       The errors are undocumented.

SEE ALSO

       cpg_overview(8),  cpg_initialize(3),  cpg_finalize(3),  cpg_fd_get(3),  cpg_dispatch(3),  cpg_join(3),  cpg_leave(3),  cpg_mcast_joined(3),
       cpg_membership_get(3) cpg_zcb_alloc(3) cpg_zcb_free(3) cpg_zcb_mcast_joined(3) cpg_context_get(3) cpg_context_set(3) cpg_local_get(3)

Corosync Cluster Engine Programmer's Manual			 corosync Man Page					  CPG_ZCB_FREE(2009-04-15)