RHSA-2022:5099: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
  • CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
  • CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap
  • CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
  • CVE-2022-28734: grub2: Out-of-bound write when handling split HTTP headers
  • CVE-2022-28735: grub2: shim_lock verifier allows non-kernel files to be loaded
  • CVE-2022-28736: grub2: use-after-free in grub_cmd_chainloader()
  • CVE-2022-28737: shim: Buffer overflow when loading crafted EFI images
Red Hat Security Data

Synopsis

Important: grub2, mokutil, shim, and shim-unsigned-x64 security update

Type/Severity

Security Advisory: Important

Topic

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.

Security Fix(es):

  • grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
  • grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
  • grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
  • grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
  • grub2: Out-of-bound write when handling split HTTP headers (CVE-2022-28734)
  • grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
  • grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
  • shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64

Fixes

  • BZ - 1991685 - CVE-2021-3695 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
  • BZ - 1991686 - CVE-2021-3696 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
  • BZ - 1991687 - CVE-2021-3697 grub2: Crafted JPEG image can lead to buffer underflow write in the heap
  • BZ - 2083339 - CVE-2022-28733 grub2: Integer underflow in grub_net_recv_ip4_packets
  • BZ - 2090463 - CVE-2022-28734 grub2: Out-of-bound write when handling split HTTP headers
  • BZ - 2090857 - CVE-2022-28735 grub2: shim_lock verifier allows non-kernel files to be loaded
  • BZ - 2090899 - CVE-2022-28737 shim: Buffer overflow when loading crafted EFI images
  • BZ - 2092613 - CVE-2022-28736 grub2: use-after-free in grub_cmd_chainloader()

CVEs

  • CVE-2021-3695
  • CVE-2021-3696
  • CVE-2021-3697
  • CVE-2022-28733
  • CVE-2022-28734
  • CVE-2022-28735
  • CVE-2022-28736
  • CVE-2022-28737
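
Added example, not part of the Red Hat advisory: a patch-level check that compares an installed-package inventory against the fixed builds named in this advisory's package file names (grub2 2.06-27.el9_0.7, mokutil 0.4.0-8.el9_0.1, shim 15.6-1.el9) using RPM's segment-wise version ordering. The function names, the prefix-based package matching and the sample inventory are assumptions made for illustration; only VERSION-RELEASE is compared because file names carry no epoch.

```python
import re

# Fixed builds taken from the package file names in this advisory, keyed by
# package-name prefix. Epochs do not appear in file names, so only
# VERSION-RELEASE is compared (assumes the update does not change the epoch).
FIXED_BUILDS = {
    "grub2": "2.06-27.el9_0.7",
    "mokutil": "0.4.0-8.el9_0.1",
    "shim": "15.6-1.el9",
}

TOKEN = re.compile(r"~|\^|[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two version (or release) strings with RPM's segment rules."""
    ta, tb = TOKEN.findall(a), TOKEN.findall(b)
    i = 0
    while i < len(ta) or i < len(tb):
        x = ta[i] if i < len(ta) else None
        y = tb[i] if i < len(tb) else None
        if x == "~" or y == "~":        # a tilde sorts before anything else
            if x != "~":
                return 1
            if y != "~":
                return -1
        elif x == "^" or y == "^":      # a caret sorts just after the base
            if x is None:
                return -1
            if y is None:
                return 1
            if x != "^":
                return 1
            if y != "^":
                return -1
        elif x is None or y is None:    # the string with segments left is newer
            return -1 if x is None else 1
        else:
            xnum, ynum = x.isdigit(), y.isdigit()
            if xnum != ynum:            # a numeric segment beats an alphabetic one
                return 1 if xnum else -1
            if xnum:                    # numbers: ignore leading zeros, longer wins
                x, y = x.lstrip("0"), y.lstrip("0")
                if len(x) != len(y):
                    return 1 if len(x) > len(y) else -1
            if x != y:
                return 1 if x > y else -1
        i += 1
    return 0


def vr_cmp(a, b):
    """Compare two 'VERSION-RELEASE' strings; returns -1, 0 or 1."""
    va, _, ra = a.rpartition("-")
    vb, _, rb = b.rpartition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def fixed_build_for(name):
    """Return the fixed build for a binary package name, or None if unaffected."""
    for prefix, build in FIXED_BUILDS.items():
        if name == prefix or name.startswith(prefix + "-"):
            return build
    return None


def outdated(inventory):
    """Return (name, installed, fixed) for packages older than the fixed build."""
    findings = []
    for line in inventory.splitlines():
        fields = line.split()
        if len(fields) != 2:
            continue
        name, installed = fields
        fixed = fixed_build_for(name)
        if fixed and vr_cmp(installed, fixed) < 0:
            findings.append((name, installed, fixed))
    return findings


# Constructed sample inventory, in the format produced by
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE_INVENTORY = """\
grub2-common 2.06-27.el9_0.7
grub2-efi-x64 2.06-27.el9
grub2-tools 2.06-46.el9
mokutil 0.4.0-8.el9
shim-x64 15.5-1.el9
kernel-core 5.14.0-70.el9
"""

if __name__ == "__main__":
    for name, installed, fixed in outdated(SAMPLE_INVENTORY):
        print(f"{name}: installed {installed} is older than fixed build {fixed}")
```

A plain string or numeric comparison would misorder releases such as 27.el9 and 27.el9_0.7, which is why the comparison walks the segments the way RPM does.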

Red Hat Enterprise Linux for x86_64 9

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

x86_64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • mokutil-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
  • shim-x64-15.6-1.el9.x86_64.rpm

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

x86_64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • mokutil-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
  • shim-x64-15.6-1.el9.x86_64.rpm

Red Hat Enterprise Linux for Power, little endian 9

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm

ppc64le

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm

ppc64le

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 9

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

aarch64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • mokutil-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
  • shim-aa64-15.6-1.el9.aarch64.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

aarch64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • mokutil-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
  • shim-aa64-15.6-1.el9.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm

ppc64le

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-debugsource-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-ppc64le-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-ppc64le-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.ppc64le.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

x86_64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-cdboot-2.06-27.el9_0.7.x86_64.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-2.06-27.el9_0.7.x86_64.rpm
  • grub2-pc-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-tools-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-efi-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.x86_64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.x86_64.rpm
  • mokutil-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.x86_64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.x86_64.rpm
  • shim-x64-15.6-1.el9.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

  • shim-unsigned-x64-15.6-1.el9.src.rpm

x86_64

  • shim-unsigned-x64-15.6-1.el9.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0

SRPM

  • shim-unsigned-x64-15.6-1.el9.src.rpm

x86_64

  • shim-unsigned-x64-15.6-1.el9.x86_64.rpm

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

SRPM

  • grub2-2.06-27.el9_0.7.src.rpm
  • mokutil-0.4.0-8.el9_0.1.src.rpm
  • shim-15.6-1.el9.src.rpm

aarch64

  • grub2-common-2.06-27.el9_0.7.noarch.rpm
  • grub2-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-debugsource-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-cdboot-2.06-27.el9_0.7.aarch64.rpm
  • grub2-efi-aa64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-efi-x64-modules-2.06-27.el9_0.7.noarch.rpm
  • grub2-emu-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-extra-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-2.06-27.el9_0.7.aarch64.rpm
  • grub2-tools-minimal-debuginfo-2.06-27.el9_0.7.aarch64.rpm
  • mokutil-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debuginfo-0.4.0-8.el9_0.1.aarch64.rpm
  • mokutil-debugsource-0.4.0-8.el9_0.1.aarch64.rpm
  • shim-aa64-15.6-1.el9.aarch64.rpm

Related news

Patch management needs a revolution, part 3: Vulnerability scores and the concept of trust

This is the third part of Vincent Danen’s “Patch management needs a revolution” series.

  • Patch management needs a revolution, part 1: Surveying cybersecurity’s lineage
  • Patch management needs a revolution, part 2: The flood of vulnerabilities

Vulnerability ratings are the foundation for a good risk-based vulnerability management program, especially if they’re from a trusted party. Recently I was discussing this topic with a customer and they said they practiced Zero Trust, as if to explain why they could not trust our ratings. The irony, however, is that they did use National Vulnerabilit

CVE-2023-45085: Releases - HyperCloud Docs

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

Ubuntu Security Notice USN-6355-1

Ubuntu Security Notice 6355-1 - Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bounds write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause out-of-bounds read and write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections.

CVE-2022-28737: CVE - CVE-2022-28737

There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables. The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such a scenario.

CVE-2023-32449: DSA-2023-173: Dell PowerStore Family Security Update for Multiple Vulnerabilities

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks.

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

CVE-2022-34456: DSA-2022-267: Dell EMC Metronode VS5 Security Update for Multiple Third-Party Component Vulnerabilities

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

RHSA-2022:8900: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets

Gentoo Linux Security Advisory 202209-12

Gentoo Linux Security Advisory 202209-12 - Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. Versions less than 2.06 are affected.

Red Hat Security Advisory 2022-5069-01

Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.

RHSA-2022:5069: Red Hat Security Advisory: OpenShift Container Platform 4.11.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...

RHSA-2022:5678: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update [ovirt-4.5.1]

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code * CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets

RHSA-2022:5531: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.1 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account

CVE-2021-3695: Invalid Bug ID

A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited, as an attacker needs to perform some triage over the heap layout to achieve significant results; also, the values written into the memory are repeated three times in a row, making it difficult to produce valid payloads. This flaw affects grub2 versions prior to grub-2.12.

Red Hat Security Advisory 2022-5392-01

Red Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.

RHSA-2022:5392: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.11 general availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-redirects: Exposure of Sensitive Information via Authorization Header leak * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurv...

Red Hat Security Advisory 2022-5201-01

Red Hat Security Advisory 2022-5201-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.5 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which apply security fixes and fix several bugs. Issues addressed include a traversal vulnerability.

RHSA-2022:5201: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.4.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43565: golang.org/x/crypto: empty plaintext packet causes panic * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurve returns true for invalid field elements * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sand...

Red Hat Security Advisory 2022-5099-01

Red Hat Security Advisory 2022-5099-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-5100-01

Red Hat Security Advisory 2022-5100-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-5095-01

Red Hat Security Advisory 2022-5095-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-5096-01

Red Hat Security Advisory 2022-5096-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-5098-01

Red Hat Security Advisory 2022-5098-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

RHSA-2022:5100: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733:...

RHSA-2022:5095: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: Integer underflow ...

RHSA-2022:5096: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733:...

RHSA-2022:5098: Red Hat Security Advisory: grub2, mokutil, and shim security update

An update for grub2, mokutil, and shim is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: I...