Revision Date: | 2021-03-02 | Version: | 1 |
Title: | Security update for grub2 (Important) |
Description: |
This update for grub2 fixes the following issues:
grub2 implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)
- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2021:0683-1
|
Platform(s): | SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1
| Product(s): | |
Definition Synopsis |
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed
OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
OR SUSE Linux Enterprise Server 15 SP2 is installed
OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
OR SUSE Linux Enterprise Storage 7 is installed
OR SUSE Manager Proxy 4.1 is installed
OR SUSE Manager Retail Branch Server 4.1 is installed
OR SUSE Manager Server 4.1 is installed
AND Package Information
grub2-2.04-9.34.1 is installed
OR grub2-arm64-efi-2.04-9.34.1 is installed
OR grub2-i386-pc-2.04-9.34.1 is installed
OR grub2-powerpc-ieee1275-2.04-9.34.1 is installed
OR grub2-s390x-emu-2.04-9.34.1 is installed
OR grub2-snapper-plugin-2.04-9.34.1 is installed
OR grub2-systemd-sleep-plugin-2.04-9.34.1 is installed
OR grub2-x86_64-efi-2.04-9.34.1 is installed
|