CVE-2022-2601
8.6 HIGHA buffer overflow was found in grub_font_construct_glyph()
Published: 2022-12-14 · Last updated: 2026-05-27
Severity and scoring
- CVSS
- 8.6 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- CWE
- CWE-122, CWE-787
Affected products
| Vendor | Product |
|---|---|
| fedoraproject | enterprise_linux_eus, enterprise_linux_for_power_little_endian_eus, enterprise_linux_server_aus |
| gnu | enterprise_linux_eus, enterprise_linux_for_power_little_endian_eus, enterprise_linux_server_aus |
| redhat | enterprise_linux_eus, enterprise_linux_for_power_little_endian_eus, enterprise_linux_server_aus |
Description
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2022-2601
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0
- [Other]https://security.gentoo.org/glsa/202311-14
- [Other]https://security.netapp.com/advisory/ntap-20230203-0004/
- [Other]https://arstechnica.com/security/2024/08/a-patch-microsoft-spent-2-years-preparing-is-making-a-mess-for-some-linux-users/
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0
- [Other]https://security.gentoo.org/glsa/202311-14
- [Other]https://security.netapp.com/advisory/ntap-20230203-0004/
Related CVEs
Same vendor
- CVE-2026-1767 — A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
- CVE-2026-1766 — A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
- CVE-2026-11793 — A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
- CVE-2026-11790 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
- CVE-2026-11789 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
Same CWE
- CVE-2026-47750 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
- CVE-2026-47747 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
- CVE-2026-47964 — DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code ex... (7.8 HIGH)
- CVE-2026-47749 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
- CVE-2026-12314 — Memory safety bug fixed in Thunderbird 152 (7.5 HIGH)