
CVE-2021-20233 PoC — grub2 buffer error vulnerability

Source
Associated Vulnerability
Title: grub2 buffer error vulnerability (CVE-2021-20233)
Description: A flaw was found in grub2 in versions prior to 2.06. setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters, which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Description
This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233.
Readme
# Boot Hole Fix

This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233.

On July 29, 2020, Microsoft published security advisory 200011 that describes a new vulnerability that's related to Secure Boot.

Devices that trust the Microsoft third-party Unified Extensible Firmware Interface (UEFI) Certificate Authority (CA) in their Secure Boot configuration may be susceptible to an attacker who has administrative privileges or physical access to the device.

This script is to apply the latest Secure Boot DBX revocation list to invalidate the vulnerable modules. 

Paul Rowland - 2022

v1.0 - 19/07/2022

Steps for use:

1) Download the latest BootHoleFix.ps1 file and save it to a location such as "C:\Users\%UserName%\Desktop".
2) Launch PowerShell as an admin.
3) Navigate to the directory above (typing "cd C:\Users\%UserName%\Desktop").
4) Type ".\BootHoleFix.ps1" and hit Enter.
5) Close the window when the "Complete, you may now close this window..." message appears in green.
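A practitioner will want to confirm that the DBX update actually landed. The following is an added example, not BootHoleFix.ps1 or any code from the project: run it from an elevated PowerShell before and after the fix and compare the two fingerprints. It relies only on the built-in SecureBoot module cmdlets (Confirm-SecureBootUEFI, Get-SecureBootUEFI); the function name Get-DbxState is an assumption of this example.

```powershell
# Added example (not part of the project): snapshot Secure Boot state and
# fingerprint the current DBX (forbidden-signature database) UEFI variable.
# Run elevated, before and after applying the DBX revocation list; a changed
# size/hash afterwards shows the new revocations were written to firmware.
function Get-DbxState {
    $sbEnabled = $false
    try {
        # Throws on legacy-BIOS systems where Secure Boot is not supported.
        $sbEnabled = Confirm-SecureBootUEFI
    } catch {
        $sbEnabled = $false
    }

    # Read the raw dbx variable; .Bytes holds the EFI_SIGNATURE_LIST payload.
    $dbx = Get-SecureBootUEFI -Name dbx

    $sha = [System.Security.Cryptography.SHA256]::Create()
    $digest = ($sha.ComputeHash($dbx.Bytes) | ForEach-Object { $_.ToString('x2') }) -join ''

    [pscustomobject]@{
        SecureBootEnabled = $sbEnabled
        DbxSizeBytes      = $dbx.Bytes.Length
        DbxSha256         = $digest
    }
}

# Save a "before" snapshot, run the fix, then call Get-DbxState again and
# compare: identical DbxSha256 values mean the revocation list did not apply.
$before = Get-DbxState
$before | Format-List
$before | Export-Clixml -Path "$env:USERPROFILE\Desktop\dbx-before.xml"
```

If SecureBootEnabled is false, the DBX contents are not enforced at boot regardless of whether the update applied.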
File Snapshot

[4.0K] /data/pocs/9ffde3d4f5b1a345e8a1fdc59bf542dd0d316b51
├── [1.9K] BootHoleFix.ps1
├── [ 34K] LICENSE
└── [1.0K] README.md

0 directories, 3 files