Headline
RHSA-2022:5099: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
- CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
- CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap
- CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
- CVE-2022-28734: grub2: Out-of-bound write when handling split HTTP headers
- CVE-2022-28735: grub2: shim_lock verifier allows non-kernel files to be loaded
- CVE-2022-28736: grub2: use-after-free in grub_cmd_chainloader()
- CVE-2022-28737: shim: Buffer overflow when loading crafted EFI images
Synopsis
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
Type/Severity
Security Advisory: Important
Topic
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es):
- grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
- grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
- grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
- grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
- grub2: Out-of-bound write when handling split HTTP headers (CVE-2022-28734)
- grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
- grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
- shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
Fixes
- BZ - 1991685 - CVE-2021-3695 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
- BZ - 1991686 - CVE-2021-3696 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
- BZ - 1991687 - CVE-2021-3697 grub2: Crafted JPEG image can lead to buffer underflow write in the heap
- BZ - 2083339 - CVE-2022-28733 grub2: Integer underflow in grub_net_recv_ip4_packets
- BZ - 2090463 - CVE-2022-28734 grub2: Out-of-bound write when handling split HTTP headers
- BZ - 2090857 - CVE-2022-28735 grub2: shim_lock verifier allows non-kernel files to be loaded
- BZ - 2090899 - CVE-2022-28737 shim: Buffer overflow when loading crafted EFI images
- BZ - 2092613 - CVE-2022-28736 grub2: use-after-free in grub_cmd_chainloader()
CVEs
- CVE-2021-3695
- CVE-2021-3696
- CVE-2021-3697
- CVE-2022-28733
- CVE-2022-28734
- CVE-2022-28735
- CVE-2022-28736
- CVE-2022-28737
Red Hat Enterprise Linux for x86_64 9
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
x86_64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b38679987b9270fa3f0570ef78fbea82310460836ea806c4f07edaa02be98d2
grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 2fa32bc84a876ae95a946c077a0ad93360795e674dd6850bcc903fbb26463331
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 29b2d83ff35958efc195819eca20a3a80160b1b107559d05556a9f78addc2fcb
grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 368d2f4798d826d6fa3217e9beb93a7588837e8ade783df57505c16343971f6f
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 6f21c27d6170c933ce258dbbef3b8d1ba0696f1a53fc047f35a1bf651b25aa82
grub2-pc-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 16c58bc688e7856e9b5af5220f0b142ddaceedcf561a535b8092f11037ade522
grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ebb77a783f1c13b40f624717449378266fc20c1bc13cced80c3934d9737efe3e
grub2-tools-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c0ddd30797d7dfd9302ac51dd7c5f9fcaa8760ba8ffff276a40c7ae606f8ade1
grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b7221064eca824506dbe0e99e7629c9487f39548775f0656423eceba75794ec
grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
SHA-256: da7bd8a1857e7b20f7ac25be25228091f0e3467b5fab938638776dead3c6b2ff
grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 384d2843468e01641e060ef0b2bf31a1d86bbdb0b3af6b5cdf59ae323e06e023
grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 4deb6eb3fbb67dfce0567241ab9b4a5add9c59dfd5e51efbe52d77394d065a29
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7f9213779f97ae5c3b2d117dc79403b8fca95ba557081d5ecc194724c887ffc3
grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c8e0c387d1c060a8a401896e7caecd7c67898ca092157f7bdcb911a920d02948
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7d754c9b79233476d8ca6df85424711c1f102fb14c9b2de14cb0272861433404
mokutil-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: ae9be0082f99a84a224767916b84df195f0f3136c9a478d0ae2478f77a1a7981
mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 6e5e948ffbfff055ad5f0079a63727c57417f6140feb74e1cf96f1837e16c84a
mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 3ee19b2c4ad415f1a231db33e62536443c012005dd412caf709e4acdf62ce9cc
shim-x64-15.6-1.el9.x86_64.rpm
SHA-256: df0896bc9cb5c6136f791408e5e5d5063fe65b94dabd45310dfc69816811cd0f
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
x86_64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b38679987b9270fa3f0570ef78fbea82310460836ea806c4f07edaa02be98d2
grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 2fa32bc84a876ae95a946c077a0ad93360795e674dd6850bcc903fbb26463331
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 29b2d83ff35958efc195819eca20a3a80160b1b107559d05556a9f78addc2fcb
grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 368d2f4798d826d6fa3217e9beb93a7588837e8ade783df57505c16343971f6f
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 6f21c27d6170c933ce258dbbef3b8d1ba0696f1a53fc047f35a1bf651b25aa82
grub2-pc-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 16c58bc688e7856e9b5af5220f0b142ddaceedcf561a535b8092f11037ade522
grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ebb77a783f1c13b40f624717449378266fc20c1bc13cced80c3934d9737efe3e
grub2-tools-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c0ddd30797d7dfd9302ac51dd7c5f9fcaa8760ba8ffff276a40c7ae606f8ade1
grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b7221064eca824506dbe0e99e7629c9487f39548775f0656423eceba75794ec
grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
SHA-256: da7bd8a1857e7b20f7ac25be25228091f0e3467b5fab938638776dead3c6b2ff
grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 384d2843468e01641e060ef0b2bf31a1d86bbdb0b3af6b5cdf59ae323e06e023
grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 4deb6eb3fbb67dfce0567241ab9b4a5add9c59dfd5e51efbe52d77394d065a29
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7f9213779f97ae5c3b2d117dc79403b8fca95ba557081d5ecc194724c887ffc3
grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c8e0c387d1c060a8a401896e7caecd7c67898ca092157f7bdcb911a920d02948
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7d754c9b79233476d8ca6df85424711c1f102fb14c9b2de14cb0272861433404
mokutil-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: ae9be0082f99a84a224767916b84df195f0f3136c9a478d0ae2478f77a1a7981
mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 6e5e948ffbfff055ad5f0079a63727c57417f6140feb74e1cf96f1837e16c84a
mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 3ee19b2c4ad415f1a231db33e62536443c012005dd412caf709e4acdf62ce9cc
shim-x64-15.6-1.el9.x86_64.rpm
SHA-256: df0896bc9cb5c6136f791408e5e5d5063fe65b94dabd45310dfc69816811cd0f
Red Hat Enterprise Linux for Power, little endian 9
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
ppc64le
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d900101492043771a6c5bd5d94ef902145a843368ebaa89e0eb99577af28e666
grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 60b0c51eb6a75f82952b9d979187254c79352349af98748e893d9c1a6e54febc
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: fb07398f25bfabdba1ec9d020c885260efd3be382e31936fe796fcb861afae48
grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 4db182668a166a1d6eac2bdb6fe809df1622af1e403f7588b3fd755cfdec275b
grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 861c7c91cc0244fc78c8378431f4abb67fa9485a7a98d4048387b8140a5ecd2f
grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 6258536a2bfdc3487b1bfa5e88abeaafdbd98edfd1179346e6b95fa72a3244ee
grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d55f326b89a34c9ff9a7c42f71ada8053970e456ef6c5f1798f89e306cc69384
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 7fe99fc014125bbc4608e078da363803b34ecf6380f7bac54a593209e1d78434
grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 89e448dcf212fea8887edef6bdb1ccf1a384cadeeebd3f9210c6a0548c761c43
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: a8e4ab9abb923aba81cb825d952b946daebd84ed85c6dbdbf83b40ff0b2f8ce8
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
ppc64le
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d900101492043771a6c5bd5d94ef902145a843368ebaa89e0eb99577af28e666
grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 60b0c51eb6a75f82952b9d979187254c79352349af98748e893d9c1a6e54febc
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: fb07398f25bfabdba1ec9d020c885260efd3be382e31936fe796fcb861afae48
grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 4db182668a166a1d6eac2bdb6fe809df1622af1e403f7588b3fd755cfdec275b
grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 861c7c91cc0244fc78c8378431f4abb67fa9485a7a98d4048387b8140a5ecd2f
grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 6258536a2bfdc3487b1bfa5e88abeaafdbd98edfd1179346e6b95fa72a3244ee
grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d55f326b89a34c9ff9a7c42f71ada8053970e456ef6c5f1798f89e306cc69384
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 7fe99fc014125bbc4608e078da363803b34ecf6380f7bac54a593209e1d78434
grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 89e448dcf212fea8887edef6bdb1ccf1a384cadeeebd3f9210c6a0548c761c43
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: a8e4ab9abb923aba81cb825d952b946daebd84ed85c6dbdbf83b40ff0b2f8ce8
Red Hat Enterprise Linux for ARM 64 9
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
aarch64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: de20ec3ee2fb236d208f12838b9d8f845b67b06ba26fac0010f1760c70aff83b
grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 09ec88e5a878a7d147f6ea4f346b0f07d5e3e62896e064b964e1aaf08683597b
grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 97d2c2bbed83204313c57cf81dafe4a5574889e7a8f5536810c8937c813d97c8
grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 42c8d12a7e913c07f3a6d008d74b3c42b4a214cad1c91905599ade3d8b716a7c
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 6365cf6c534ee93564a873c402128a2de51f1f37b461b682075b34df86a1b238
grub2-tools-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 48a0f367c181f66583df7b3cf2c11d157fc84878f6e0ffc53519e17d88cd5b04
grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: e81b4e27acb1aeb7b5441888d0e5a52f3b90d4d2bdfd813c88e6ea72a94b9a3a
grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 56451a7c7b7e5197adb01fb5f02d92ab0f82e99957611f7eacc68fadfa7f67d7
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 3f3df749573b06265295d3690d0cda7eed3f8678c8f28d006ad605f7a0e5dd3a
grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 2d0f3e0064167cafc8427a939f19468afadd3dc12b904efc13f3a903f805bea6
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: f73f196932e7ded68a401ee7e0f5f33e3b7bc035e2b0be4cf5b54e0e3595773b
mokutil-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: a7430478616f42981ad5025bd7fe4e3e36d2b27f810f11e404549747eda12f9b
mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 7daca5fe7235d5e2e381dcc2292195a1292b2f96a2a89e7b372652dc65958b95
mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 893bbb78ad44ce621356c043b0d4720a763ed01609cc4f04b3f4602f675a1783
shim-aa64-15.6-1.el9.aarch64.rpm
SHA-256: 70d4a2e5581a417a5becc9f5dc5cf822e6a0d69a4100c9e6fb6c834fa6bd7e53
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
aarch64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: de20ec3ee2fb236d208f12838b9d8f845b67b06ba26fac0010f1760c70aff83b
grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 09ec88e5a878a7d147f6ea4f346b0f07d5e3e62896e064b964e1aaf08683597b
grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 97d2c2bbed83204313c57cf81dafe4a5574889e7a8f5536810c8937c813d97c8
grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 42c8d12a7e913c07f3a6d008d74b3c42b4a214cad1c91905599ade3d8b716a7c
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 6365cf6c534ee93564a873c402128a2de51f1f37b461b682075b34df86a1b238
grub2-tools-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 48a0f367c181f66583df7b3cf2c11d157fc84878f6e0ffc53519e17d88cd5b04
grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: e81b4e27acb1aeb7b5441888d0e5a52f3b90d4d2bdfd813c88e6ea72a94b9a3a
grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 56451a7c7b7e5197adb01fb5f02d92ab0f82e99957611f7eacc68fadfa7f67d7
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 3f3df749573b06265295d3690d0cda7eed3f8678c8f28d006ad605f7a0e5dd3a
grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 2d0f3e0064167cafc8427a939f19468afadd3dc12b904efc13f3a903f805bea6
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: f73f196932e7ded68a401ee7e0f5f33e3b7bc035e2b0be4cf5b54e0e3595773b
mokutil-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: a7430478616f42981ad5025bd7fe4e3e36d2b27f810f11e404549747eda12f9b
mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 7daca5fe7235d5e2e381dcc2292195a1292b2f96a2a89e7b372652dc65958b95
mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 893bbb78ad44ce621356c043b0d4720a763ed01609cc4f04b3f4602f675a1783
shim-aa64-15.6-1.el9.aarch64.rpm
SHA-256: 70d4a2e5581a417a5becc9f5dc5cf822e6a0d69a4100c9e6fb6c834fa6bd7e53
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
ppc64le
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d900101492043771a6c5bd5d94ef902145a843368ebaa89e0eb99577af28e666
grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 60b0c51eb6a75f82952b9d979187254c79352349af98748e893d9c1a6e54febc
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: fb07398f25bfabdba1ec9d020c885260efd3be382e31936fe796fcb861afae48
grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 4db182668a166a1d6eac2bdb6fe809df1622af1e403f7588b3fd755cfdec275b
grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 861c7c91cc0244fc78c8378431f4abb67fa9485a7a98d4048387b8140a5ecd2f
grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 6258536a2bfdc3487b1bfa5e88abeaafdbd98edfd1179346e6b95fa72a3244ee
grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: d55f326b89a34c9ff9a7c42f71ada8053970e456ef6c5f1798f89e306cc69384
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 7fe99fc014125bbc4608e078da363803b34ecf6380f7bac54a593209e1d78434
grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: 89e448dcf212fea8887edef6bdb1ccf1a384cadeeebd3f9210c6a0548c761c43
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
SHA-256: a8e4ab9abb923aba81cb825d952b946daebd84ed85c6dbdbf83b40ff0b2f8ce8
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
x86_64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b38679987b9270fa3f0570ef78fbea82310460836ea806c4f07edaa02be98d2
grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 2fa32bc84a876ae95a946c077a0ad93360795e674dd6850bcc903fbb26463331
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 29b2d83ff35958efc195819eca20a3a80160b1b107559d05556a9f78addc2fcb
grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 368d2f4798d826d6fa3217e9beb93a7588837e8ade783df57505c16343971f6f
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 6f21c27d6170c933ce258dbbef3b8d1ba0696f1a53fc047f35a1bf651b25aa82
grub2-pc-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 16c58bc688e7856e9b5af5220f0b142ddaceedcf561a535b8092f11037ade522
grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ebb77a783f1c13b40f624717449378266fc20c1bc13cced80c3934d9737efe3e
grub2-tools-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c0ddd30797d7dfd9302ac51dd7c5f9fcaa8760ba8ffff276a40c7ae606f8ade1
grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7b7221064eca824506dbe0e99e7629c9487f39548775f0656423eceba75794ec
grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
SHA-256: da7bd8a1857e7b20f7ac25be25228091f0e3467b5fab938638776dead3c6b2ff
grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 384d2843468e01641e060ef0b2bf31a1d86bbdb0b3af6b5cdf59ae323e06e023
grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 4deb6eb3fbb67dfce0567241ab9b4a5add9c59dfd5e51efbe52d77394d065a29
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7f9213779f97ae5c3b2d117dc79403b8fca95ba557081d5ecc194724c887ffc3
grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
SHA-256: c8e0c387d1c060a8a401896e7caecd7c67898ca092157f7bdcb911a920d02948
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
SHA-256: 7d754c9b79233476d8ca6df85424711c1f102fb14c9b2de14cb0272861433404
mokutil-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: ae9be0082f99a84a224767916b84df195f0f3136c9a478d0ae2478f77a1a7981
mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 6e5e948ffbfff055ad5f0079a63727c57417f6140feb74e1cf96f1837e16c84a
mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
SHA-256: 3ee19b2c4ad415f1a231db33e62536443c012005dd412caf709e4acdf62ce9cc
shim-x64-15.6-1.el9.x86_64.rpm
SHA-256: df0896bc9cb5c6136f791408e5e5d5063fe65b94dabd45310dfc69816811cd0f
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
shim-unsigned-x64-15.6-1.el9.src.rpm
SHA-256: fb4a0875053259688a911eecbe53fc7ee3255d46f4e732a309b138a0b36c4edb
x86_64
shim-unsigned-x64-15.6-1.el9.x86_64.rpm
SHA-256: 62ff4e844b9945a82b4d38706ee54775c7cec78b59c14b18e96f0ce742dcb73e
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0
SRPM
shim-unsigned-x64-15.6-1.el9.src.rpm
SHA-256: fb4a0875053259688a911eecbe53fc7ee3255d46f4e732a309b138a0b36c4edb
x86_64
shim-unsigned-x64-15.6-1.el9.x86_64.rpm
SHA-256: 62ff4e844b9945a82b4d38706ee54775c7cec78b59c14b18e96f0ce742dcb73e
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
grub2-2.06-27.el9_0.7.src.rpm
SHA-256: 36ea20b8f6f63510e398fce228aab74cdf41c546bceb9aa82102dbfe170c77c5
mokutil-0.4.0-8.el9_0.1.src.rpm
SHA-256: 4ee355d764cda1369fed740951d9c776e7227bc4bb0eeb70a67fece53c05e73e
shim-15.6-1.el9.src.rpm
SHA-256: 8fabbdffdfafe5f23218be58db30c3d0939c0617221b4516a062642c50e47599
aarch64
grub2-common-2.06-27.el9_0.7.noarch.rpm
SHA-256: 5dce742af31031ee706e4455ebe017b3c927a61c0a32ae5abe49e2c73dd194a2
grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: de20ec3ee2fb236d208f12838b9d8f845b67b06ba26fac0010f1760c70aff83b
grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 09ec88e5a878a7d147f6ea4f346b0f07d5e3e62896e064b964e1aaf08683597b
grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 97d2c2bbed83204313c57cf81dafe4a5574889e7a8f5536810c8937c813d97c8
grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 42c8d12a7e913c07f3a6d008d74b3c42b4a214cad1c91905599ade3d8b716a7c
grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: ce757cddc3afe964f2faa4d7d12701560567a9327a80cbb8a92a1fbc5f7216e2
grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
SHA-256: 57e458e1d1e10ef145ab25dbb801cefdc38873f52bb796d13e656342c7a2b5de
grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 6365cf6c534ee93564a873c402128a2de51f1f37b461b682075b34df86a1b238
grub2-tools-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 48a0f367c181f66583df7b3cf2c11d157fc84878f6e0ffc53519e17d88cd5b04
grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: e81b4e27acb1aeb7b5441888d0e5a52f3b90d4d2bdfd813c88e6ea72a94b9a3a
grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 56451a7c7b7e5197adb01fb5f02d92ab0f82e99957611f7eacc68fadfa7f67d7
grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 3f3df749573b06265295d3690d0cda7eed3f8678c8f28d006ad605f7a0e5dd3a
grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
SHA-256: 2d0f3e0064167cafc8427a939f19468afadd3dc12b904efc13f3a903f805bea6
grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
SHA-256: f73f196932e7ded68a401ee7e0f5f33e3b7bc035e2b0be4cf5b54e0e3595773b
mokutil-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: a7430478616f42981ad5025bd7fe4e3e36d2b27f810f11e404549747eda12f9b
mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 7daca5fe7235d5e2e381dcc2292195a1292b2f96a2a89e7b372652dc65958b95
mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
SHA-256: 893bbb78ad44ce621356c043b0d4720a763ed01609cc4f04b3f4602f675a1783
shim-aa64-15.6-1.el9.aarch64.rpm
SHA-256: 70d4a2e5581a417a5becc9f5dc5cf822e6a0d69a4100c9e6fb6c834fa6bd7e53
Related news
This is the third part of Vincent Danen’s “Patch management needs a revolution” series.Patch management needs a revolution, part 1: Surveying cybersecurity’s lineagePatch management needs a revolution, part 2: The flood of vulnerabilitiesVulnerability ratings are the foundation for a good risk-based vulnerability management program, especially if they’re from a trusted party. Recently I was discussing this topic with a customer and they said they practiced Zero Trust, as if to explain why they could not trust our ratings. The irony, however, is that they did use National Vulnerabilit
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6355-1 - Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections.
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
Gentoo Linux Security Advisory 202209-12 - Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. Versions less than 2.06 are affected.
Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.
Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code * CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue is highly complex to exploit: an attacker needs to perform some triage over the heap layout to achieve significant results, and the values written into memory are repeated three times in a row, making it difficult to produce valid payloads. This flaw affects grub2 versions prior to grub-2.12.
Red Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.
Red Hat Advanced Cluster Management for Kubernetes 2.3.11 general availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-redirects: Exposure of Sensitive Information via Authorization Header leak * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurv...
Red Hat Security Advisory 2022-5201-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.5 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which apply security fixes and fix several bugs. Issues addressed include a traversal vulnerability.
Red Hat Advanced Cluster Management for Kubernetes 2.4.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43565: golang.org/x/crypto: empty plaintext packet causes panic * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurve returns true for invalid field elements * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sand...
Red Hat Security Advisory 2022-5099-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5100-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5095-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5096-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5098-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733:...
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: Integer underflow ...
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733:...
An update for grub2, mokutil, and shim is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: I...