SUSE-SU-2021:0683-1 -- SLES grub2ID: oval:org.secpod.oval:def:89049505 | Date: (C)2023-09-27 (M)2023-11-13 |
Class: PATCH | Family: unix |
This update for grub2 fixes the following issues: grub2 implements the new SBAT method for SHIM based secure boot revocation. - CVE-2020-25632: Fixed a use-after-free in rmmod command - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Desktop 15 SP2 |