Headline
RHSA-2022:5100: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
- CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
- CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap
- CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
- CVE-2022-28734: grub2: Out-of-bound write when handling split HTTP headers
- CVE-2022-28735: grub2: shim_lock verifier allows non-kernel files to be loaded
- CVE-2022-28736: grub2: use-after-free in grub_cmd_chainloader()
- CVE-2022-28737: shim: Buffer overflow when loading crafted EFI images
Synopsis
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
Type/Severity
Security Advisory: Important
Topic
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es):
- grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
- grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
- grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
- grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
- grub2: Out-of-bound write when handling split HTTP headers (CVE-2022-28734)
- grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
- grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
- shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Fixes
- BZ - 1991685 - CVE-2021-3695 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
- BZ - 1991686 - CVE-2021-3696 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
- BZ - 1991687 - CVE-2021-3697 grub2: Crafted JPEG image can lead to buffer underflow write in the heap
- BZ - 2083339 - CVE-2022-28733 grub2: Integer underflow in grub_net_recv_ip4_packets
- BZ - 2090463 - CVE-2022-28734 grub2: Out-of-bound write when handling split HTTP headers
- BZ - 2090857 - CVE-2022-28735 grub2: shim_lock verifier allows non-kernel files to be loaded
- BZ - 2090899 - CVE-2022-28737 shim: Buffer overflow when loading crafted EFI images
- BZ - 2092613 - CVE-2022-28736 grub2: use-after-free in grub_cmd_chainloader()
CVEs
- CVE-2021-3695
- CVE-2021-3696
- CVE-2021-3697
- CVE-2022-28733
- CVE-2022-28734
- CVE-2022-28735
- CVE-2022-28736
- CVE-2022-28737
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
mokutil-0.3.0-9.el8_2.2.src.rpm
shim-15.6-1.el8.src.rpm
x86_64
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-debugsource-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-2.02-87.el8_2.10.x86_64.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.x86_64.rpm
mokutil-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debuginfo-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debugsource-0.3.0-9.el8_2.2.x86_64.rpm
shim-ia32-15.6-1.el8.x86_64.rpm
shim-x64-15.6-1.el8.x86_64.rpm
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
mokutil-0.3.0-9.el8_2.2.src.rpm
shim-15.6-1.el8.src.rpm
x86_64
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-debugsource-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-2.02-87.el8_2.10.x86_64.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.x86_64.rpm
mokutil-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debuginfo-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debugsource-0.3.0-9.el8_2.2.x86_64.rpm
shim-ia32-15.6-1.el8.x86_64.rpm
shim-x64-15.6-1.el8.x86_64.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
ppc64le
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-debugsource-2.02-87.el8_2.10.ppc64le.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-2.02-87.el8_2.10.ppc64le.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-extra-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-minimal-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
mokutil-0.3.0-9.el8_2.2.src.rpm
shim-15.6-1.el8.src.rpm
x86_64
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-debugsource-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-2.02-87.el8_2.10.x86_64.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.x86_64.rpm
mokutil-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debuginfo-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debugsource-0.3.0-9.el8_2.2.x86_64.rpm
shim-ia32-15.6-1.el8.x86_64.rpm
shim-x64-15.6-1.el8.x86_64.rpm
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
mokutil-0.3.0-9.el8_2.2.src.rpm
shim-15.6-1.el8.src.rpm
aarch64
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.aarch64.rpm
grub2-debugsource-2.02-87.el8_2.10.aarch64.rpm
grub2-efi-aa64-2.02-87.el8_2.10.aarch64.rpm
grub2-efi-aa64-cdboot-2.02-87.el8_2.10.aarch64.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.aarch64.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.aarch64.rpm
grub2-tools-extra-2.02-87.el8_2.10.aarch64.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.aarch64.rpm
grub2-tools-minimal-2.02-87.el8_2.10.aarch64.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.aarch64.rpm
mokutil-0.3.0-9.el8_2.2.aarch64.rpm
mokutil-debuginfo-0.3.0-9.el8_2.2.aarch64.rpm
mokutil-debugsource-0.3.0-9.el8_2.2.aarch64.rpm
shim-aa64-15.6-1.el8.aarch64.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
ppc64le
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-debugsource-2.02-87.el8_2.10.ppc64le.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-2.02-87.el8_2.10.ppc64le.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-extra-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-minimal-2.02-87.el8_2.10.ppc64le.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
grub2-2.02-87.el8_2.10.src.rpm
mokutil-0.3.0-9.el8_2.2.src.rpm
shim-15.6-1.el8.src.rpm
x86_64
grub2-common-2.02-87.el8_2.10.noarch.rpm
grub2-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-debugsource-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-aa64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-ia32-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-ia32-modules-2.02-87.el8_2.10.noarch.rpm
grub2-efi-x64-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-cdboot-2.02-87.el8_2.10.x86_64.rpm
grub2-efi-x64-modules-2.02-87.el8_2.10.noarch.rpm
grub2-pc-2.02-87.el8_2.10.x86_64.rpm
grub2-pc-modules-2.02-87.el8_2.10.noarch.rpm
grub2-ppc64le-modules-2.02-87.el8_2.10.noarch.rpm
grub2-tools-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-efi-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-extra-debuginfo-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-2.02-87.el8_2.10.x86_64.rpm
grub2-tools-minimal-debuginfo-2.02-87.el8_2.10.x86_64.rpm
mokutil-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debuginfo-0.3.0-9.el8_2.2.x86_64.rpm
mokutil-debugsource-0.3.0-9.el8_2.2.x86_64.rpm
shim-ia32-15.6-1.el8.x86_64.rpm
shim-x64-15.6-1.el8.x86_64.rpm
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2
SRPM
shim-unsigned-x64-15.6-1.el8.src.rpm
x86_64
shim-unsigned-x64-15.6-1.el8.x86_64.rpm
Related news
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6355-1 - Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bounds write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause out-of-bounds read and write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections.
Integer underflow in grub_net_recv_ip4_packets: A maliciously crafted IP packet can lead to an integer underflow in the grub_net_recv_ip4_packets() function on the rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such a way, subsequent operations can write past the end of the buffer.
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user into installing a malicious binary by bypassing the existing cryptographic signature checks.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
Gentoo Linux Security Advisory 202209-12 - Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. Versions less than 2.06 are affected.
Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.
Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...
Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code * CVE-2022-28733: grub2: Integer underflow in grub_net_recv_ip4_packets
Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
A heap out-of-bounds write may happen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availability impact may be considered Low, as it is very complex for an attacker to control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior to grub-2.12.
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited, as an attacker needs to perform some triage over the heap layout to achieve significant results; also, the values written into the memory are repeated three times in a row, making it difficult to produce valid payloads. This flaw affects grub2 versions prior to grub-2.12.
Red Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.
Red Hat Advanced Cluster Management for Kubernetes 2.3.11 general availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-redirects: Exposure of Sensitive Information via Authorization Header leak * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurv...
Red Hat Security Advisory 2022-5201-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.5 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which apply security fixes and fix several bugs. Issues addressed include a traversal vulnerability.
Red Hat Advanced Cluster Management for Kubernetes 2.4.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2021-43565: golang.org/x/crypto: empty plaintext packet causes panic * CVE-2022-21803: nconf: Prototype pollution in memory store * CVE-2022-23806: golang: crypto/elliptic IsOnCurve returns true for invalid field elements * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sand...
Red Hat Security Advisory 2022-5099-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5100-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5095-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5096-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5098-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: Integer underflow ...
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: Integer underflow ...
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733:...
An update for grub2, mokutil, and shim is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap * CVE-2022-28733: grub2: I...