CVE-2020-14309

EPSS 0.04% · P14 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-14309

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

grub2 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

grub2是GNU社区的一款Linux系统引导程序。 grub2 2.06之前版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Grub	All grub2 versions before 2.06	-

II. Public POCs for CVE-2020-14309

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-14309

请登录查看更多情报信息。

https://security.netapp.com/advisory/ntap-20200731-0008/x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1852022x_refsource_MISC
https://usn.ubuntu.com/4432-1/vendor-advisoryx_refsource_UBUNTU
https://security.gentoo.org/glsa/202104-05vendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.htmlvendor-advisoryx_refsource_SUSE
https://nvd.nist.gov/vuln/detail/CVE-2020-14309

Same Patch Batch · n/a · 2020-07-30 · 26 CVEs total

CVE-2020-7699	7.5 HIGH	Prototype Pollution
CVE-2020-10713		grub2 缓冲区错误漏洞
CVE-2020-8222		Pulse Secure Pulse Connect Secure 路径遍历漏洞
CVE-2020-8221		Pulse Secure Pulse Connect Secure 路径遍历漏洞
CVE-2020-8220		Pulse Secure Pulse Connect Secure 资源管理错误漏洞
CVE-2020-8219		Pulse Secure Pulse Connect Secure 安全漏洞
CVE-2020-8218		Pulse Secure Pulse Connect Secure 代码注入漏洞
CVE-2020-8217		Pulse Secure Pulse Connect Secure 跨站脚本漏洞
CVE-2020-8216		Pulse Secure Pulse Connect Secure 信息泄露漏洞
CVE-2020-8206		Pulse Secure Pulse Connect Secure 授权问题漏洞
CVE-2020-8204		Pulse Secure Pulse Connect Secure 跨站脚本漏洞
CVE-2020-8202		Nextcloud Preferred Providers app 安全漏洞
CVE-2020-8192		Fastify 资源管理错误漏洞
CVE-2020-16166		Linux kernel 安全特征问题漏洞
CVE-2020-12620		Pi-hole 安全漏洞
CVE-2020-14162		Pi-hole 安全漏洞
CVE-2020-15957		DP3T-Backend-SDK 数据伪造问题漏洞
CVE-2020-14158		ABUS Secvest FUMO5011 授权问题漏洞
CVE-2020-15511		HashiCorp Terraform 输入验证错误漏洞
CVE-2020-16157		Nagios Log Server 跨站脚本漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Grub

Same vendor: n/a

V. Comments for CVE-2020-14309

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-14309

I. Basic Information for CVE-2020-14309

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-14309

III. Intelligence Information for CVE-2020-14309

Same Patch Batch · n/a · 2020-07-30 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-14309

Leave a comment