Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Red Hat Enterprise Linux 8 RHSA-2022-5095-01 Important Grub2 Security Fixes

red hat
Calendar Grey June 16, 2022
Dist Redhat Esm H88
Critical security update from Red Hat highlighting significant patches for grub2, mokutil, and shim vulnerabilities.
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es):
* grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
* grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
* grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
* grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
* grub2: Out-of-bound write when handling split HTTP headers(CVE-2022-28734)
* grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
* grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
* shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory software update Red Hat Enterprise important fix boot loader grub2 update shim update

References

https://access.redhat.com/security/cve/CVE-2021-3695 https://access.redhat.com/security/cve/CVE-2021-3696 https://access.redhat.com/security/cve/CVE-2021-3697 https://access.redhat.com/security/cve/CVE-2022-28733 https://access.redhat.com/security/cve/CVE-2022-28734 https://access.redhat.com/security/cve/CVE-2022-28735 https://access.redhat.com/security/cve/CVE-2022-28736 https://access.redhat.com/security/cve/CVE-2022-28737 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux BaseOS (v. 8):
Source: grub2-2.02-123.el8_6.8.src.rpm mokutil-0.3.0-11.el8_6.1.src.rpm shim-15.6-1.el8.src.rpm
aarch64: grub2-debuginfo-2.02-123.el8_6.8.aarch64.rpm grub2-debugsource-2.02-123.el8_6.8.aarch64.rpm grub2-efi-aa64-2.02-123.el8_6.8.aarch64.rpm grub2-efi-aa64-cdboot-2.02-123.el8_6.8.aarch64.rpm grub2-tools-2.02-123.el8_6.8.aarch64.rpm grub2-tools-debuginfo-2.02-123.el8_6.8.aarch64.rpm grub2-tools-extra-2.02-123.el8_6.8.aarch64.rpm grub2-tools-extra-debuginfo-2.02-123.el8_6.8.aarch64.rpm grub2-tools-minimal-2.02-123.el8_6.8.aarch64.rpm grub2-tools-minimal-debuginfo-2.02-123.el8_6.8.aarch64.rpm mokutil-0.3.0-11.el8_6.1.aarch64.rpm mokutil-debuginfo-0.3.0-11.el8_6.1.aarch64.rpm mokutil-debugsource-0.3.0-11.el8_6.1.aarch64.rpm shim-aa64-15.6-1.el8.aarch64.rpm
noarch: grub2-common-2.02-123.el8_6.8.noarch.rpm grub2-efi-aa64-modules-2.02-123.el8_6.8.noarch.rpm grub2-efi-ia32-modules-2.02-123.el8_6.8.noarch.rpm grub2-efi-x64-modules-2.02-123.el8_6.8.noarch.rpm grub2-pc-modules-2.02-123.el8_6.8.noarch.rpm grub2-ppc64le-modules-2.02-123.el8_6.8.noarch.rpm
ppc64le: grub2-debuginfo-2.02-123.el8_6.8.ppc64le.rpm grub2-debugsource-2.02-123.el8_6.8.ppc64le.rpm grub2-ppc64le-2.02-123.el8_6.8.ppc64le.rpm grub2-tools-2.02-123.el8_6.8.ppc64le.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2022:5095-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:5095
Issue date: 2022-06-16

Topic

An update for grub2, mokutil, shim, and shim-unsigned-x64 is now availablefor Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory software update Red Hat Enterprise important fix boot loader grub2 update shim update

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - x86_64

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, x86_64

Bugs Fixed

1991685 - CVE-2021-3695 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

1991686 - CVE-2021-3696 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling

1991687 - CVE-2021-3697 grub2: Crafted JPEG image can lead to buffer underflow write in the heap

2083339 - CVE-2022-28733 grub2: Integer underflow in grub_net_recv_ip4_packets

2090463 - CVE-2022-28734 grub2: Out-of-bound write when handling split HTTP headers2090857 - CVE-2022-28735 grub2: shim_lock verifier allows non-kernel files to be loaded

2090899 - CVE-2022-28737 shim: Buffer overflow when loading crafted EFI images

2092613 - CVE-2022-28736 grub2: use-after-free in grub_cmd_chainloader()

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here