Launchpad.net

CVE 2021-3697

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.

Related bugs and status

CVE-2021-3697 (Candidate) is related to these bugs:

Bug #1926748: regression in xenial updates - grub2 cannot handle new arm64 relocations

		In	Importance	Status
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2 (Ubuntu)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2 (Ubuntu Trusty)	Undecided	Confirmed
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2 (Ubuntu Xenial)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-unsigned (Ubuntu)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-unsigned (Ubuntu Trusty)	Undecided	Confirmed
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-unsigned (Ubuntu Xenial)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-signed (Ubuntu)	Undecided	Invalid
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-signed (Ubuntu Trusty)	Undecided	Confirmed
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-signed (Ubuntu Xenial)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-signed (Ubuntu Bionic)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-unsigned (Ubuntu Bionic)	Undecided	Fix Released
1926748	regression in xenial updates - grub2 cannot handle new arm64 relocations	grub2-unsigned (Ubuntu Jammy)	Undecided	Fix Released

Bug #1930742: cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable

		In	Importance	Status
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-unsigned (Ubuntu)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-signed (Ubuntu)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	shim-signed (Ubuntu)	Undecided	Invalid
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-signed (Ubuntu Xenial)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-unsigned (Ubuntu Xenial)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	shim-signed (Ubuntu Xenial)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-signed (Ubuntu Bionic)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-unsigned (Ubuntu Bionic)	Undecided	Fix Released
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	shim-signed (Ubuntu Bionic)	Undecided	Invalid
1930742	cloud images in xenial do not get their boot path updated because we don't call grub-install --force-extra-removable	grub2-unsigned (Ubuntu Jammy)	Undecided	Fix Released

Bug #2008950: Missing modules on arm64 builds of monolithic grub

Summary				In	Importance	Status
	2008950	Missing modules on arm64 builds of monolithic grub		grub2 (Ubuntu)	Undecided	Fix Released

Bug #2028947: grub2-unsigned/2.12~rc1-4ubuntu1 signing

		In	Importance	Status
2028947	grub2-unsigned/2.12~rc1-4ubuntu1 signing	grub2-unsigned (Ubuntu)	Undecided	Fix Released
2028947	grub2-unsigned/2.12~rc1-4ubuntu1 signing	canonical-signing-jobs	Undecided	Fix Released
2028947	grub2-unsigned/2.12~rc1-4ubuntu1 signing	grub2-signed (Ubuntu)	Undecided	Fix Released
2028947	grub2-unsigned/2.12~rc1-4ubuntu1 signing	canonical-signing-jobs task00	Medium	Fix Released
2028947	grub2-unsigned/2.12~rc1-4ubuntu1 signing	grub2 (Ubuntu)	Undecided	Fix Released

Bug #2034119: [Debian] High CVE: CVE-2021-3695/CVE-2021-3696/CVE-2021-3697/CVE-2022-28733/CVE-2022-28734/CVE-2022-28735/CVE-2022-28736 grub2: multiple CVEs

Summary				In	Importance	Status
	2034119	[Debian] High CVE: CVE-2021-3695/CVE-2021-3696/CVE-2021-3697/CVE-2022-28733/CVE-2022-28734/CVE-2022-28735/CVE-2022-28736 grub2: multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2021-3697

Related bugs and status

Related bugs

References