SUSE-SU-2021:0683-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0683-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:0683-1
- Related
- Published
- 2021-03-02T18:04:52Z
- Modified
- 2021-03-02T18:04:52Z
- Summary
- Security update for grub2
- Details
-
This update for grub2 fixes the following issues:
grub2 implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)
- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
- CVE-2020-25647: Fixed an out-of-bound write in grubusbdevice_initialize() (bsc#1177883)
- CVE-2020-27749: Fixed a stack buffer overflow in grubparsersplit_cmdline (bsc#1179264)
- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-20210683-1/
- https://bugzilla.suse.com/1175970
- https://bugzilla.suse.com/1176711
- https://bugzilla.suse.com/1177883
- https://bugzilla.suse.com/1179264
- https://bugzilla.suse.com/1179265
- https://bugzilla.suse.com/1182057
- https://bugzilla.suse.com/1182262
- https://bugzilla.suse.com/1182263
- https://www.suse.com/security/cve/CVE-2020-14372
- https://www.suse.com/security/cve/CVE-2020-25632
- https://www.suse.com/security/cve/CVE-2020-25647
- https://www.suse.com/security/cve/CVE-2020-27749
- https://www.suse.com/security/cve/CVE-2020-27779
- https://www.suse.com/security/cve/CVE-2021-20225
- https://www.suse.com/security/cve/CVE-2021-20233
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15 SP2 / grub2
Package
- Name
- grub2
- Purl
- purl:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.04-9.34.1
Ecosystem specific
{
"binaries": [
{
"grub2-s390x-emu": "2.04-9.34.1",
"grub2-x86_64-efi": "2.04-9.34.1",
"grub2-systemd-sleep-plugin": "2.04-9.34.1",
"grub2-snapper-plugin": "2.04-9.34.1",
"grub2-arm64-efi": "2.04-9.34.1",
"grub2-i386-pc": "2.04-9.34.1",
"grub2": "2.04-9.34.1",
"grub2-powerpc-ieee1275": "2.04-9.34.1"
}
]
}