GRUB2 JFS Filesystem Module Integer Overflow Vulnerability Leading to Arbitrary Code Execution

An integer overflow vulnerability has been identified in the GRUB2 JFS filesystem module. When the module reads data from a JFS filesystem, it uses user-controlled parameters from the filesystem geometry to calculate the internal buffer size. However, it fails to properly validate these parameters, allowing a maliciously crafted filesystem to manipulate the buffer size calculations. This oversight can cause the buffer size to be smaller than expected, leading to a buffer overflow when the 'grub_jfs_lookup_symlink()' function writes past the internal buffer length during 'grub_jfs_read_file()'. This vulnerability could corrupt GRUB's critical internal data and potentially allow for arbitrary code execution, bypassing Secure Boot protections.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution, allowing an attacker to execute malicious code with the same privileges as the user running GRUB. This could also bypass Secure Boot protections.