SecuritySpace - CVE-2022-3775

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2022-3775

Description: When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.

Test IDs: 1.3.6.1.4.1.25623.1.1.2.2023.1595

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2022-3775
https://security.gentoo.org/glsa/202311-14
https://access.redhat.com/security/cve/cve-2022-3775
https://access.redhat.com/security/cve/cve-2022-3775

CVE ID:	CVE-2022-3775
Description:	When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
Test IDs:	1.3.6.1.4.1.25623.1.1.2.2023.1595
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3775 https://security.gentoo.org/glsa/202311-14 https://access.redhat.com/security/cve/cve-2022-3775 https://access.redhat.com/security/cve/cve-2022-3775