Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2021:2790: Red Hat Security Advisory: shim and fwupd security update

An update for fwupd, shim, shim-unsigned-aarch64, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. The following packages have been upgraded to a later upstream version: shim (15.4). (BZ#1932411) Security Fix(es):

  • grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372)
  • grub2: Use-after-free in rmmod command (CVE-2020-25632)
  • grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647)
  • grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749)
  • grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779)
  • grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225)
  • grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
  • CVE-2020-14372: grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
  • CVE-2020-25632: grub2: Use-after-free in rmmod command
  • CVE-2020-25647: grub2: Out-of-bounds write in grub_usb_device_initialize()
  • CVE-2020-27749: grub2: Stack buffer overflow in grub_parser_split_cmdline()
  • CVE-2020-27779: grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled
  • CVE-2021-20225: grub2: Heap out-of-bounds write in short form option parser
  • CVE-2021-20233: grub2: Heap out-of-bounds write due to miscalculation of space required for quoting
Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data