{"api_version":"1","generated_at":"2026-04-20T20:55:32+00:00","cve":"CVE-2022-3775","urls":{"html":"https://cve.report/CVE-2022-3775","api":"https://cve.report/api/cve/CVE-2022-3775.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-3775","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-3775"},"summary":{"title":"CVE-2022-3775","description":"When rendering certain Unicode sequences, grub2's font code doesn't properly validate whether the supplied glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2022-12-19 20:15:00","updated_at":"2023-11-25 12:15:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://security.gentoo.org/glsa/202311-14","name":"GLSA-202311-14","refsource":"","tags":[],"title":"GRUB: Multiple Vulnerabilities (GLSA 202311-14) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/cve-2022-3775","name":"https://access.redhat.com/security/cve/cve-2022-3775","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-3775","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3775","name":"NVD vulnerability 
detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"3775","vulnerable":"1","versionEndIncluding":"2.06","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnu","cpe5":"grub2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"3775","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-3775","qid":"160386","title":"Oracle Enterprise Linux Security Update for grub2 (ELSA-2023-12019)"},{"cve":"CVE-2022-3775","qid":"160437","title":"Oracle Enterprise Linux Security Update for grub2 (ELSA-2023-0049)"},{"cve":"CVE-2022-3775","qid":"160730","title":"Oracle Enterprise Linux Security Update for grub2 (ELSA-2023-0752)"},{"cve":"CVE-2022-3775","qid":"181216","title":"Debian Security Update for grub2 (DSA 5280-1)"},{"cve":"CVE-2022-3775","qid":"181218","title":"Debian Security Update for grub2 (DLA 3190-1)"},{"cve":"CVE-2022-3775","qid":"181312","title":"Debian Security Update for grub2 (DLA 3190-2)"},{"cve":"CVE-2022-3775","qid":"182045","title":"Debian Security Update for grub2 (CVE-2022-3775)"},{"cve":"CVE-2022-3775","qid":"241007","title":"Red Hat Update for grub2 (RHSA-2022:8978)"},{"cve":"CVE-2022-3775","qid":"241037","title":"Red Hat Update for grub2 (RHSA-2023:0047)"},{"cve":"CVE-2022-3775","qid":"241040","title":"Red Hat Update for grub2 (RHSA-2023:0048)"},{"cve":"CVE-2022-3775","qid":"241042","title":"Red Hat Update for grub2 (RHSA-2023:0049)"},{"cve":"CVE-2022-3775","qid":"241185","title":"Red Hat Update for grub2 (RHSA-2023:0752)"},{"cve":"CVE-2022-3775","qid":"283350","title":"Fedora Security Update for grub2 
(FEDORA-2022-f86e203baf)"},{"cve":"CVE-2022-3775","qid":"283365","title":"Fedora Security Update for grub2 (FEDORA-2022-7ce9378e90)"},{"cve":"CVE-2022-3775","qid":"283416","title":"Fedora Security Update for grub2 (FEDORA-2022-dec4cdacd7)"},{"cve":"CVE-2022-3775","qid":"355137","title":"Amazon Linux Security Advisory for grub2 : ALAS2023-2023-020"},{"cve":"CVE-2022-3775","qid":"355617","title":"Amazon Linux Security Advisory for grub2 : ALAS2-2023-2146"},{"cve":"CVE-2022-3775","qid":"377900","title":"Alibaba Cloud Linux Security Update for grub2 (ALINUX3-SA-2023:0003)"},{"cve":"CVE-2022-3775","qid":"672656","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1386)"},{"cve":"CVE-2022-3775","qid":"672662","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1358)"},{"cve":"CVE-2022-3775","qid":"672671","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1407)"},{"cve":"CVE-2022-3775","qid":"672693","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1422)"},{"cve":"CVE-2022-3775","qid":"672717","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1443)"},{"cve":"CVE-2022-3775","qid":"672766","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1468)"},{"cve":"CVE-2022-3775","qid":"672880","title":"EulerOS Security Update for grub2 (EulerOS-SA-2023-1595)"},{"cve":"CVE-2022-3775","qid":"710796","title":"Gentoo Linux GRUB Multiple Vulnerabilities (GLSA 202311-14)"},{"cve":"CVE-2022-3775","qid":"752845","title":"SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2022:4219-1)"},{"cve":"CVE-2022-3775","qid":"752900","title":"SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2022:4218-1)"},{"cve":"CVE-2022-3775","qid":"752909","title":"SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2022:4141-1)"},{"cve":"CVE-2022-3775","qid":"752923","title":"SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2022:4140-1)"},{"cve":"CVE-2022-3775","qid":"752932","title":"SUSE Enterprise Linux Security Update for grub2 
(SUSE-SU-2022:4142-1)"},{"cve":"CVE-2022-3775","qid":"752964","title":"SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2022:4302-1)"},{"cve":"CVE-2022-3775","qid":"904743","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grub2 (12080)"},{"cve":"CVE-2022-3775","qid":"904761","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grub2 (12079)"},{"cve":"CVE-2022-3775","qid":"905656","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grub2 (12080-1)"},{"cve":"CVE-2022-3775","qid":"906578","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grub2 (12080-3)"},{"cve":"CVE-2022-3775","qid":"907025","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grub2 (12079-1)"},{"cve":"CVE-2022-3775","qid":"940866","title":"AlmaLinux Security Update for grub2 (ALSA-2023:0049)"},{"cve":"CVE-2022-3775","qid":"940924","title":"AlmaLinux Security Update for grub2 (ALSA-2023:0752)"},{"cve":"CVE-2022-3775","qid":"960514","title":"Rocky Linux Security Update for grub2 (RLSA-2023:0049)"},{"cve":"CVE-2022-3775","qid":"960577","title":"Rocky Linux Security Update for grub2 (RLSA-2023:0752)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-3775","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"grub2","version":{"version_data":[{"version_value":"All up to 2.06"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-787"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://access.redhat.com/security/cve/cve-2022-3775","url":"https://access.redhat.com/security/cve/cve-2022-3775"}]},"description":{"description_data":[{"lang":"eng","value":"When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is 
constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded."}]}},"nvd":{"publishedDate":"2022-12-19 20:15:00","lastModifiedDate":"2023-11-25 12:15:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*","versionEndIncluding":"2.06","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}