Oval Definition:oval:org.opensuse.security:def:70545
Revision Date:2021-03-02
Version:1
Title:Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)

The following security issues, which can violate secure boot constraints, are fixed:

- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
- CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883)
- CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264)
- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)

Family:unix
Class:patch
Status:
Reference(s):1055186
1058115
1065600
1065729
1094244
1152472
1152489
1153274
1154353
1155518
1156395
1167527
1170774
1171068
1171688
1171742
1171921
1172757
1173017
1173115
1173746
1174358
1174899
1175749
1175882
1175970
1176019
1176038
1176137
1176235
1176236
1176237
1176242
1176278
1176357
1176358
1176359
1176360
1176361
1176362
1176363
1176364
1176365
1176366
1176367
1176381
1176423
1176449
1176482
1176486
1176507
1176536
1176537
1176538
1176539
1176540
1176541
1176542
1176544
1176545
1176546
1176548
1176558
1176559
1176587
1176659
1176698
1176699
1176700
1176711
1176721
1176722
1176725
1176732
1176763
1176775
1176788
1176789
1176833
1176869
1176877
1176925
1176962
1176980
1176990
1177021
1177030
1177883
1179264
1179265
1182057
1182262
1182263
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-10753
CVE-2020-14372
CVE-2020-14385
CVE-2020-14390
CVE-2020-25212
CVE-2020-25284
CVE-2020-25632
CVE-2020-25647
CVE-2020-26088
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233
SUSE-SU-2021:0684-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
      • ceph-14.2.9.970+ged84cae0c9-3.41 is installed
      • OR ceph-dashboard-e2e-14.2.9.970+ged84cae0c9-3.41 is installed
      • OR ceph-mgr-ssh-14.2.9.970+ged84cae0c9-3.41 is installed
Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
      • grub2-2.02-26.43.1 is installed
      • OR grub2-i386-pc-2.02-26.43.1 is installed
      • OR grub2-powerpc-ieee1275-2.02-26.43.1 is installed
      • OR grub2-snapper-plugin-2.02-26.43.1 is installed
      • OR grub2-systemd-sleep-plugin-2.02-26.43.1 is installed
      • OR grub2-x86_64-efi-2.02-26.43.1 is installed
      • OR grub2-x86_64-xen-2.02-26.43.1 is installed