SUSE-SU-2021:0679-1 -- SLES grub2ID: oval:org.secpod.oval:def:89043597 | Date: (C)2021-03-05 (M)2022-10-27 |
Class: PATCH | Family: unix |
This update for grub2 fixes the following issues: grub2 now implements the new SBAT method for SHIM based secure boot revocation. Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting grub2 was bumped to version 2.02, same as SUSE Linux Enterprise 12 SP3.
Platform: |
SUSE Linux Enterprise Server 12 SP2 |