Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0047: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
  • CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences
Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat#buffer_overflow#sap

Synopsis

Moderate: grub2 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grub2 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

  • grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
  • grub2: Heap based out-of-bounds write when redering certain unicode sequences (CVE-2022-3775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2112975 - CVE-2022-2601 grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
  • BZ - 2138880 - CVE-2022-3775 grub2: Heap based out-of-bounds write when redering certain unicode sequences

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

x86_64

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b567bb31ce9e5b78fdc59d158bc9b35e43c410f056d0c03a965651c021c35768

grub2-debugsource-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 7e1544aec4741b093afa54d29c2517d17af252bd708648ef137685a6c91a746d

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-2.02-99.el8_4.10.x86_64.rpm

SHA-256: ac87d02b13c2c05a406abba6262495fe4f3bd367f20fa92fab932b7de9802ce4

grub2-efi-ia32-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3fa1ea2940b42a8382e45e535332829b9a0b129d91c1d52f444b30547be72954

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b07b8ca1b31a77d0b80fe64ad630a9331edbdfb6836077e64ffb1ed62cb476dd

grub2-efi-x64-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 07cd5d6d259d35c393e88b1e1059c0d73449cbc07ef00ffe7da285aee3f97a15

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 5a50dc00ba4081ff298de92d0413ad1f115eaea8d1d22e50fc5d0d863fe50d59

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.x86_64.rpm

SHA-256: e2acc95c9433aa34a8fcb3ce63925f8148a5604d87396340a5250199a2a429c8

grub2-tools-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 0bb9f482e9f41cbeddbd8210ae8d8834eda9adc17959a8a1ea32fac52d55725d

grub2-tools-efi-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 445c9aef7aeefd63f69e34b43d6a2136c50036c7e11006c80fdf028d37aaa5b6

grub2-tools-efi-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 134edf7738775cd7bdb7ca1e581ba58acf015093d46a61c6c1596a41531d4eb4

grub2-tools-extra-2.02-99.el8_4.10.x86_64.rpm

SHA-256: c8351fc9353ad3c5b4f14db07981a6a456a59afbb86762ea9abbea4391b219f8

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 78563c62e59a0ae58b58ed19a062078e38fa94b60984b84d8a39923587011974

grub2-tools-minimal-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3867bb828a48a01195ef3486fa3e0d0772ab107e803b71474ce1e4c957ec06c2

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 61fc34f7dfeebca62aac3cccce75a652691e16c4c39d8d7abfad753b78821d0a

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

x86_64

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b567bb31ce9e5b78fdc59d158bc9b35e43c410f056d0c03a965651c021c35768

grub2-debugsource-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 7e1544aec4741b093afa54d29c2517d17af252bd708648ef137685a6c91a746d

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-2.02-99.el8_4.10.x86_64.rpm

SHA-256: ac87d02b13c2c05a406abba6262495fe4f3bd367f20fa92fab932b7de9802ce4

grub2-efi-ia32-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3fa1ea2940b42a8382e45e535332829b9a0b129d91c1d52f444b30547be72954

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b07b8ca1b31a77d0b80fe64ad630a9331edbdfb6836077e64ffb1ed62cb476dd

grub2-efi-x64-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 07cd5d6d259d35c393e88b1e1059c0d73449cbc07ef00ffe7da285aee3f97a15

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 5a50dc00ba4081ff298de92d0413ad1f115eaea8d1d22e50fc5d0d863fe50d59

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.x86_64.rpm

SHA-256: e2acc95c9433aa34a8fcb3ce63925f8148a5604d87396340a5250199a2a429c8

grub2-tools-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 0bb9f482e9f41cbeddbd8210ae8d8834eda9adc17959a8a1ea32fac52d55725d

grub2-tools-efi-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 445c9aef7aeefd63f69e34b43d6a2136c50036c7e11006c80fdf028d37aaa5b6

grub2-tools-efi-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 134edf7738775cd7bdb7ca1e581ba58acf015093d46a61c6c1596a41531d4eb4

grub2-tools-extra-2.02-99.el8_4.10.x86_64.rpm

SHA-256: c8351fc9353ad3c5b4f14db07981a6a456a59afbb86762ea9abbea4391b219f8

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 78563c62e59a0ae58b58ed19a062078e38fa94b60984b84d8a39923587011974

grub2-tools-minimal-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3867bb828a48a01195ef3486fa3e0d0772ab107e803b71474ce1e4c957ec06c2

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 61fc34f7dfeebca62aac3cccce75a652691e16c4c39d8d7abfad753b78821d0a

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

ppc64le

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 90a5b2a267b1ff7c76d7294e1416fb93efceb125b0330cc560bb1c45fd472c21

grub2-debugsource-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 1a8525cb5c9cbc332a94254bf06cb9c5f0d72ae93c385cb94a31dfce834855da

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 5c7f6d992c0096640886172e84c11bace615a07ff82f2b3a3f777a4bb3cf9ba5

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: c0a4bac5aa7df0e5e7b51532a3e09d650b76a42733a1d4b32bc17ef60b148ed4

grub2-tools-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: e86538255f5ae92b96155f47151d88fe17350abc5b8b5d8426fc9d3ee568ba4c

grub2-tools-extra-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 3e97cf482015d353b3962c9668d919bf2cd57d91e5c153e90db73b69c231a723

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 2683554c876d77c52f6f7e1aed9260076175216f46b43e23ddef262cbc135fe6

grub2-tools-minimal-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 2ac1cc489f7c14f406cfdb71b68560ed768b06bf3863c8421e30a19220d1c889

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 591a0fb8763fce0ef5554071e02596668779a7d37cc55218be85de54fcefd857

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

x86_64

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b567bb31ce9e5b78fdc59d158bc9b35e43c410f056d0c03a965651c021c35768

grub2-debugsource-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 7e1544aec4741b093afa54d29c2517d17af252bd708648ef137685a6c91a746d

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-2.02-99.el8_4.10.x86_64.rpm

SHA-256: ac87d02b13c2c05a406abba6262495fe4f3bd367f20fa92fab932b7de9802ce4

grub2-efi-ia32-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3fa1ea2940b42a8382e45e535332829b9a0b129d91c1d52f444b30547be72954

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b07b8ca1b31a77d0b80fe64ad630a9331edbdfb6836077e64ffb1ed62cb476dd

grub2-efi-x64-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 07cd5d6d259d35c393e88b1e1059c0d73449cbc07ef00ffe7da285aee3f97a15

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 5a50dc00ba4081ff298de92d0413ad1f115eaea8d1d22e50fc5d0d863fe50d59

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.x86_64.rpm

SHA-256: e2acc95c9433aa34a8fcb3ce63925f8148a5604d87396340a5250199a2a429c8

grub2-tools-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 0bb9f482e9f41cbeddbd8210ae8d8834eda9adc17959a8a1ea32fac52d55725d

grub2-tools-efi-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 445c9aef7aeefd63f69e34b43d6a2136c50036c7e11006c80fdf028d37aaa5b6

grub2-tools-efi-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 134edf7738775cd7bdb7ca1e581ba58acf015093d46a61c6c1596a41531d4eb4

grub2-tools-extra-2.02-99.el8_4.10.x86_64.rpm

SHA-256: c8351fc9353ad3c5b4f14db07981a6a456a59afbb86762ea9abbea4391b219f8

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 78563c62e59a0ae58b58ed19a062078e38fa94b60984b84d8a39923587011974

grub2-tools-minimal-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3867bb828a48a01195ef3486fa3e0d0772ab107e803b71474ce1e4c957ec06c2

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 61fc34f7dfeebca62aac3cccce75a652691e16c4c39d8d7abfad753b78821d0a

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

aarch64

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 5b6f7f995806af18ecb66b36d03d7da40c42da04bd1b2581dba2e23529a45b1a

grub2-debugsource-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 71ac04ee9a29e571553cc317342d12030b4cddf826d6fe5664a3ab4a99579d98

grub2-efi-aa64-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 4260fc3299fa7095706a653aba5f4968ceeadaad219ca0bd84b893bcd54d3c85

grub2-efi-aa64-cdboot-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 221eca36ac2d246805d552d5ef8a339a75b4996f6f1512bc3d688bd8fc8a4ada

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.aarch64.rpm

SHA-256: cc3e1e2e59fbd994b67c4295a80a18d128eadfddf24e486663027fc693aa543f

grub2-tools-debuginfo-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 3efe318bdefd54adbe28c710540e18966e994441f0ec84f616d3b38f349de192

grub2-tools-extra-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 6db8b49401a3ee3828834b0b505dd885f4791a293e23e34ed6c69589a6f838b9

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 58c4cc09a7678340970919e5d1edf0ef76ff82ae41c2076bf648bf374dd07e85

grub2-tools-minimal-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 08ced8a5ddd0af50e2e40dca858db0f6d87ee1075e19f0039d9fbad769c1ab92

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.aarch64.rpm

SHA-256: 8df5d4476d219e6c5d78ede9bea1dfd3c458207709d90ebef1ab4a08e2ba03f2

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

ppc64le

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 90a5b2a267b1ff7c76d7294e1416fb93efceb125b0330cc560bb1c45fd472c21

grub2-debugsource-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 1a8525cb5c9cbc332a94254bf06cb9c5f0d72ae93c385cb94a31dfce834855da

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 5c7f6d992c0096640886172e84c11bace615a07ff82f2b3a3f777a4bb3cf9ba5

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: c0a4bac5aa7df0e5e7b51532a3e09d650b76a42733a1d4b32bc17ef60b148ed4

grub2-tools-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: e86538255f5ae92b96155f47151d88fe17350abc5b8b5d8426fc9d3ee568ba4c

grub2-tools-extra-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 3e97cf482015d353b3962c9668d919bf2cd57d91e5c153e90db73b69c231a723

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 2683554c876d77c52f6f7e1aed9260076175216f46b43e23ddef262cbc135fe6

grub2-tools-minimal-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 2ac1cc489f7c14f406cfdb71b68560ed768b06bf3863c8421e30a19220d1c889

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.ppc64le.rpm

SHA-256: 591a0fb8763fce0ef5554071e02596668779a7d37cc55218be85de54fcefd857

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM

grub2-2.02-99.el8_4.10.src.rpm

SHA-256: b744041337865fab0c40157e11d0b51ad5c639c411c18f9426023edcab87d892

x86_64

grub2-common-2.02-99.el8_4.10.noarch.rpm

SHA-256: d0514b1be5657f3792697e0b61efbf8c5a36c39f2eada250416474d014f871db

grub2-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b567bb31ce9e5b78fdc59d158bc9b35e43c410f056d0c03a965651c021c35768

grub2-debugsource-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 7e1544aec4741b093afa54d29c2517d17af252bd708648ef137685a6c91a746d

grub2-efi-aa64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 272e94b58a069bdf91cf4e5a9bd84a3c0c896c965080908d608f05012a258ff7

grub2-efi-ia32-2.02-99.el8_4.10.x86_64.rpm

SHA-256: ac87d02b13c2c05a406abba6262495fe4f3bd367f20fa92fab932b7de9802ce4

grub2-efi-ia32-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3fa1ea2940b42a8382e45e535332829b9a0b129d91c1d52f444b30547be72954

grub2-efi-ia32-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fba6bff93c9eebc50c0894fe9e0c5ee6136d1186c6f4fcbd3733e9fb326eaae3

grub2-efi-x64-2.02-99.el8_4.10.x86_64.rpm

SHA-256: b07b8ca1b31a77d0b80fe64ad630a9331edbdfb6836077e64ffb1ed62cb476dd

grub2-efi-x64-cdboot-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 07cd5d6d259d35c393e88b1e1059c0d73449cbc07ef00ffe7da285aee3f97a15

grub2-efi-x64-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: fc48f5b407efb125cb3b68e8dc7c49d842afd9fec8a6ae457d5f81832ab718c9

grub2-pc-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 5a50dc00ba4081ff298de92d0413ad1f115eaea8d1d22e50fc5d0d863fe50d59

grub2-pc-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: 54ccb67a1128cfc395e170288ced2066853829bdd1500794758eaaf3be9bf313

grub2-ppc64le-modules-2.02-99.el8_4.10.noarch.rpm

SHA-256: eb432612746e3821e8ff0969294360c9e636486dfcaac53c3004c7dad9551f46

grub2-tools-2.02-99.el8_4.10.x86_64.rpm

SHA-256: e2acc95c9433aa34a8fcb3ce63925f8148a5604d87396340a5250199a2a429c8

grub2-tools-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 0bb9f482e9f41cbeddbd8210ae8d8834eda9adc17959a8a1ea32fac52d55725d

grub2-tools-efi-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 445c9aef7aeefd63f69e34b43d6a2136c50036c7e11006c80fdf028d37aaa5b6

grub2-tools-efi-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 134edf7738775cd7bdb7ca1e581ba58acf015093d46a61c6c1596a41531d4eb4

grub2-tools-extra-2.02-99.el8_4.10.x86_64.rpm

SHA-256: c8351fc9353ad3c5b4f14db07981a6a456a59afbb86762ea9abbea4391b219f8

grub2-tools-extra-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 78563c62e59a0ae58b58ed19a062078e38fa94b60984b84d8a39923587011974

grub2-tools-minimal-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 3867bb828a48a01195ef3486fa3e0d0772ab107e803b71474ce1e4c957ec06c2

grub2-tools-minimal-debuginfo-2.02-99.el8_4.10.x86_64.rpm

SHA-256: 61fc34f7dfeebca62aac3cccce75a652691e16c4c39d8d7abfad753b78821d0a

Related news

Red Hat Security Advisory 2024-2002-03

Red Hat Security Advisory 2024-2002-03 - An update for grub2 is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow and bypass vulnerabilities.

Gentoo Linux Security Advisory 202311-14

Gentoo Linux Security Advisory 202311-14 - Multiple vulnerabilities have been discovered in GRUB, which may lead to secure boot circumvention or code execution. Versions greater than or equal to 2.06-r9 are affected.

Ubuntu Security Notice USN-6355-1

Ubuntu Security Notice 6355-1 - Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections.

CVE-2023-23694: DSA-2023-071: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities – 7.0.450

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-0795-01

Red Hat Security Advisory 2023-0795-01 - Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6.

RHSA-2023:0795: Red Hat Security Advisory: RHSA: Submariner 0.13.3 - security updates and bug fixes

Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.

Red Hat Security Advisory 2023-0752-01

Red Hat Security Advisory 2023-0752-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

RHSA-2023:0752: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention. * CVE-2022-3775: A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values...

Red Hat Security Advisory 2023-0049-01

Red Hat Security Advisory 2023-0049-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

RHSA-2023:0049: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

CVE-2022-3775: Red Hat Customer Portal - Access to 24x7 support and knowledge

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.

CVE-2022-2601: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.

Red Hat Security Advisory 2022-8978-01

Red Hat Security Advisory 2022-8978-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2022-8978-01

Red Hat Security Advisory 2022-8978-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

RHSA-2022:8978: Red Hat Security Advisory: grub2 security and bug fix update

An update for grub2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences

RHSA-2022:8978: Red Hat Security Advisory: grub2 security and bug fix update

An update for grub2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences

Red Hat Security Advisory 2022-8800-01

Red Hat Security Advisory 2022-8800-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2022-8800-01

Red Hat Security Advisory 2022-8800-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

RHSA-2022:8800: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain...

RHSA-2022:8800: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain...

Red Hat Security Advisory 2022-8494-01

Red Hat Security Advisory 2022-8494-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2022-8494-01

Red Hat Security Advisory 2022-8494-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

Debian Security Advisory 5280-1

Debian Linux Security Advisory 5280-1 - Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to by-pass of UEFI Secure Boot on affected systems.

Debian Security Advisory 5280-1

Debian Linux Security Advisory 5280-1 - Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to by-pass of UEFI Secure Boot on affected systems.

RHSA-2022:8494: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences

RHSA-2022:8494: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass * CVE-2022-3775: grub2: Heap based out-of-bounds write when redering certain unicode sequences

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data