Oval Definition:oval:org.opensuse.security:def:117575
Revision Date:2021-03-02Version:1
Title:Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

grub2 implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)

- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
Family:unixClass:patch
Status:Reference(s):1175970
1176711
1177883
1179264
1179265
1182057
1182262
1182263
CVE-2020-14372
CVE-2020-25632
CVE-2020-25647
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233
SUSE-SU-2021:0683-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND Package Information
  • grub2-2.04-9.34.1 is installed
  • OR grub2-arm64-efi-2.04-9.34.1 is installed
  • OR grub2-i386-pc-2.04-9.34.1 is installed
  • OR grub2-powerpc-ieee1275-2.04-9.34.1 is installed
  • OR grub2-s390x-emu-2.04-9.34.1 is installed
  • OR grub2-snapper-plugin-2.04-9.34.1 is installed
  • OR grub2-systemd-sleep-plugin-2.04-9.34.1 is installed
  • OR grub2-x86_64-efi-2.04-9.34.1 is installed
    • BACK