Several security issues were fixed in GRUB 2.
Software Description:
- grub2-signed: GRand Unified Bootloader
- grub2-unsigned: GRand Unified Bootloader
Details:
Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged
users to load crafted ACPI tables when secure boot is enabled. An attacker
could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-14372)
Chris Coulson discovered that the rmmod command in GRUB 2 contained a use-after-free vulnerability. A local attacker could use this to execute
arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-25632)
Chris Coulson discovered that a buffer overflow existed in the command line
parser in GRUB 2. A local attacker could use this to execute arbitrary code
and bypass UEFI Secure Boot restrictions. (CVE-2020-27749)
It was discovered that the cutmem command in GRUB 2 did not honor secure
boot locking. A local attacker could use this to execute arbitrary code and
bypass ...
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: grub-efi-amd64-bin 2.04-1ubuntu44.2 grub-efi-amd64-signed 1.167.2+2.04-1ubuntu44.2 grub-efi-arm64-bin 2.04-1ubuntu44.2 grub-efi-arm64-signed 1.167.2+2.04-1ubuntu44.2 Ubuntu 20.04 LTS: grub-efi-amd64-bin 2.04-1ubuntu44.2 grub-efi-amd64-signed 1.167.2+2.04-1ubuntu44.2 grub-efi-arm64-bin 2.04-1ubuntu44.2 grub-efi-arm64-signed 1.167.2+2.04-1ubuntu44.2 Ubuntu 18.04 LTS: grub-efi-amd64-bin 2.04-1ubuntu44.1.2 grub-efi-amd64-signed 1.167~18.04.5+2.04-1ubuntu44.1.2 grub-efi-arm64-bin 2.04-1ubuntu44.1.2 grub-efi-arm64-signed 1.167~18.04.5+2.04-1ubuntu44.1.2 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-4992-1
CVE-2020-14372, CVE-2020-25632, CVE-2020-27749,
CVE-2020-27779, CVE-2021-20225, CVE-2021-20233,
Get the latest Linux and open source security news straight to your inbox.