openSUSE-SU-2021:0462-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0462-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2021:0462-1
Related
Published
2021-03-22T11:05:35Z
Modified
2021-03-22T11:05:35Z
Summary
Security update for grub2
Details

This update for grub2 fixes the following issues:

grub2 implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)

  • CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
  • CVE-2020-25647: Fixed an out-of-bound write in grubusbdevice_initialize() (bsc#1177883)
  • CVE-2020-27749: Fixed a stack buffer overflow in grubparsersplit_cmdline (bsc#1179264)
  • CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
  • CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
  • CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)

  • Fixed chainloading windows on dual boot machine (bsc#1183073)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

References

Affected packages

openSUSE:Leap 15.2 / grub2

Package

Name
grub2
Purl
pkg:rpm/opensuse/grub2&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.04-lp152.7.22.7

Ecosystem specific

{
    "binaries": [
        {
            "grub2-branding-upstream": "2.04-lp152.7.22.7",
            "grub2-i386-pc-debug": "2.04-lp152.7.22.7",
            "grub2-i386-efi-debug": "2.04-lp152.7.22.7",
            "grub2-snapper-plugin": "2.04-lp152.7.22.7",
            "grub2-systemd-sleep-plugin": "2.04-lp152.7.22.7",
            "grub2-i386-xen": "2.04-lp152.7.22.7",
            "grub2-x86_64-efi-debug": "2.04-lp152.7.22.7",
            "grub2-x86_64-efi": "2.04-lp152.7.22.7",
            "grub2-i386-efi": "2.04-lp152.7.22.7",
            "grub2-i386-pc": "2.04-lp152.7.22.7",
            "grub2": "2.04-lp152.7.22.7",
            "grub2-x86_64-xen": "2.04-lp152.7.22.7"
        }
    ]
}