RHSA-2022:8494: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2601: grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
  • CVE-2022-3775: grub2: Heap based out-of-bounds write when rendering certain unicode sequences
Red Hat Security Data
Issued: 2022-11-16

Updated: 2022-11-16

RHSA-2022:8494 - Security Advisory

Synopsis

Moderate: grub2 security update

Type/Severity

Security Advisory: Moderate

Topic

An update for grub2 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

  • grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
  • grub2: Heap based out-of-bounds write when rendering certain unicode sequences (CVE-2022-3775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2112975 - CVE-2022-2601 grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
  • BZ - 2138880 - CVE-2022-3775 grub2: Heap based out-of-bounds write when rendering certain unicode sequences

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

grub2-2.02-87.el8_1.11.src.rpm

SHA-256: 5b9e2bd1e46cdcc47b9ca0c63caa4f119c6cd79dceb109e4889bee2b5a55ae7b

ppc64le

grub2-common-2.02-87.el8_1.11.noarch.rpm

SHA-256: 83b53756c5e09d6a0161fc0d769e16f835f621ab2009ca69dc944c7e749e4fe1

grub2-debuginfo-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: 2ab177b25988c21e294720bdd7cba58fff2d1ff01448fe4ec9adaee06b216778

grub2-debugsource-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: b3bbacc8af1ae867aab305b5a921301bdbede95325c8633750fe75fdd47d8047

grub2-efi-aa64-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: 722c88624dfafe82e5881d04d85d2b1727d50c4729e9524742211c83c619d76c

grub2-efi-ia32-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: c68884a074128a3cfc8b3703b0ab21fe478852916dd0e870f6e5e36350d589e1

grub2-efi-x64-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: c57ad032083461243601252f932aacf153d49a3c21d3ae58c05eee00b301f33f

grub2-pc-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: f1c91ff887587131d759293c31e21baeba965d95e8e20d46eb48b32d3c19e8ed

grub2-ppc64le-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: dfa43abfd5df8e821e1a5ee983c867bac36250ba6b2c72222de5fdbe4d579b25

grub2-ppc64le-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: 3350a0efafa9397461200da1379a5ead30159ce8359e0a31dcbf4b3a46a8971e

grub2-tools-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: bf2e43584585f2b4d5011fbdcc74bfb7e01b46bf5a4691c10b043f2a14af9de1

grub2-tools-debuginfo-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: de126fc30046f8fd25ceb568950cd21b0b9fa58c1c3058de35ce028b2b5689c9

grub2-tools-extra-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: 096f3a51b37dd05c3bc22f89e3d37b16cd071d73945b51b0783ee6b078661999

grub2-tools-extra-debuginfo-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: 97dacf3751e2f892709e9fffea6be24d5d82d6ae1e900c906aa3d74b43b7ffc7

grub2-tools-minimal-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: 6425212aea2c08fde46fbd9cbb84be43ad7beeb7acbdbe977a4720f7f8ff9956

grub2-tools-minimal-debuginfo-2.02-87.el8_1.11.ppc64le.rpm

SHA-256: e181a6152751a5aad942b26ae4f9266a5af61dd54fbfc1a6cc93acfaf05690a0

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM

grub2-2.02-87.el8_1.11.src.rpm

SHA-256: 5b9e2bd1e46cdcc47b9ca0c63caa4f119c6cd79dceb109e4889bee2b5a55ae7b

x86_64

grub2-common-2.02-87.el8_1.11.noarch.rpm

SHA-256: 83b53756c5e09d6a0161fc0d769e16f835f621ab2009ca69dc944c7e749e4fe1

grub2-debuginfo-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 355c5ed55fd1622f37872db267bdecde43b505754798c9ddaed5318b87da11a9

grub2-debugsource-2.02-87.el8_1.11.x86_64.rpm

SHA-256: e8809d8ef881c311f8e646df93fa6b0f4c3749f96f516b8c8722ac7d4a41b0e2

grub2-efi-aa64-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: 722c88624dfafe82e5881d04d85d2b1727d50c4729e9524742211c83c619d76c

grub2-efi-ia32-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 436aacbd1ddcd4cd678e368c1f6077cc923fd43ff5590e573cf40ffdc4ee51eb

grub2-efi-ia32-cdboot-2.02-87.el8_1.11.x86_64.rpm

SHA-256: f5fac28abf1b98c06ab8b16fad08ef8421041ff4382faf9af650391d89fa74ae

grub2-efi-ia32-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: c68884a074128a3cfc8b3703b0ab21fe478852916dd0e870f6e5e36350d589e1

grub2-efi-x64-2.02-87.el8_1.11.x86_64.rpm

SHA-256: f19506413409968aa3d265d9aff8c94f052904dc5673db82a51321073f2ce1c6

grub2-efi-x64-cdboot-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 955b3dab8599004a3a2c67a1520e29cf7d9efa5f71f65582a412305264208ba5

grub2-efi-x64-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: c57ad032083461243601252f932aacf153d49a3c21d3ae58c05eee00b301f33f

grub2-pc-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 0620feb2243e3ef67634eaf9e3980effe7db34ff68eb8c636c3e09a0c7a15ca7

grub2-pc-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: f1c91ff887587131d759293c31e21baeba965d95e8e20d46eb48b32d3c19e8ed

grub2-ppc64le-modules-2.02-87.el8_1.11.noarch.rpm

SHA-256: 3350a0efafa9397461200da1379a5ead30159ce8359e0a31dcbf4b3a46a8971e

grub2-tools-2.02-87.el8_1.11.x86_64.rpm

SHA-256: e4c40c971303053e4537b2d2a1d89bf4e64856638ab30a581b879d682a1c65e8

grub2-tools-debuginfo-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 801fb219042cce49bb7c08300d7d055bf2e7e1a8278e5c3062ca1e3d7aa2d240

grub2-tools-efi-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 2314fe6b878a63f53119f03dd6c328539cacb58584c2e8afff1b15626fe60a1a

grub2-tools-efi-debuginfo-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 4b58864bef3e367d60e90b4d930bd236d897757f54203fee4e39dfdccc7200c3

grub2-tools-extra-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 8bd3abcdf5ad37442eea2c84afab52079d576d24f435544ed91cdfeba6c05f2f

grub2-tools-extra-debuginfo-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 7a5df6511c47141fda3b9bd746fdc2a69b635c1631d4d0b95781827ffbb59ad5

grub2-tools-minimal-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 1ab3b9d119d30f4b1069ff6efdf550f24f0160b5a4930bfd40a2a3069766ac37

grub2-tools-minimal-debuginfo-2.02-87.el8_1.11.x86_64.rpm

SHA-256: 616c71adbffb324896a88da1b192675ee7cf6fbb063b84558e69e90596986ebb

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2022-3775: grub2: Heap based out-of-bounds write when rendering certain unicode sequences

When rendering certain unicode sequences, grub2's font code doesn't properly validate whether the given glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input that leads to an out-of-bounds write into grub2's heap, causing memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.

CVE-2022-2601: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can cause an overflow when calculating the max_glyph_size value, so that a smaller-than-needed buffer is allocated for the glyph; this in turn leads to a buffer overflow and a heap-based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
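
The class of defect in the two CVE summaries above, as an added example that is not GRUB's code or Red Hat's: a simplified model of a glyph size calculation that wraps, beside a checked form and a fit check before drawing. It assumes a 1-bit-per-pixel bitmap and 32-bit dimensions; all function names are hypothetical.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not GRUB source: a glyph bitmap stored at 1 bit per
 * pixel, with width and height taken from an untrusted font file. */

/* Unchecked form: the product is computed in 32 bits and silently wraps,
 * so large dimensions yield a small byte count. */
static uint32_t glyph_size_unchecked(uint32_t width, uint32_t height)
{
    return (width * height + 7u) / 8u;
}

/* Checked form: widen to 64 bits (the product of two 32-bit values cannot
 * wrap there) and reject any byte count that does not fit in 32 bits. */
static bool glyph_size_checked(uint32_t width, uint32_t height, uint32_t *out)
{
    uint64_t bits = (uint64_t)width * (uint64_t)height;
    uint64_t bytes = (bits + 7u) / 8u;

    if (bytes > UINT32_MAX)
        return false;
    *out = (uint32_t)bytes;
    return true;
}

/* Check made before drawing: the glyph's declared width and height must fit
 * in the buffer that was actually allocated. */
static bool glyph_fits(uint32_t width, uint32_t height, size_t buf_bytes)
{
    uint32_t need;

    return glyph_size_checked(width, height, &need) && need <= buf_bytes;
}

int main(void)
{
    /* Constructed dimensions whose product is exactly 2^32. */
    uint32_t w = 0x10000u, h = 0x10000u, need = 0;
    uint32_t wrapped = glyph_size_unchecked(w, h);
    bool ok = glyph_size_checked(w, h, &need);

    printf("unchecked: %" PRIu32 " bytes\n", wrapped);
    printf("checked:   %s, %" PRIu32 " bytes\n", ok ? "ok" : "rejected", need);
    printf("fits in the wrapped allocation: %s\n",
           glyph_fits(w, h, wrapped) ? "yes" : "no");
    return 0;
}
```

A buffer sized by the unchecked function is smaller than the glyph it is meant to hold, which is the condition under which later writes land outside the allocation; the fit check is what refuses to draw in that case.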
