The grub2 packages provide version 2 of the Grand Unified Boot Loader , a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix: * grub2: Integer underflow in grub_net_recv_ip4_packets * grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap * grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling * grub2: Crafted JPEG image can lead to buffer underflow write in the heap * grub2: Out-of-bound write when handling split HTTP headers * grub2: shim_lock verifier allows non-kernel files to be loaded * grub2: use-after-free in grub_cmd_chainloader * shim: Buffer overflow when loading crafted EFI images For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.