Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Ubuntu 22.04 LTS USN-6355-1 Moderate: GRUB2 Security Flaws

ubuntu
Calendar Grey September 8, 2023
Dist Ubuntu Esm H88
Multiple security flaws found in GRUB2 patched in Ubuntu security advisory USN-6355-1. Ensure your system's safety by updating immediately.
Several security issues were fixed in GRUB2.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in GRUB2. Software Description: - grub2-signed: GRand Unified Bootloader - grub2-unsigned: GRand Unified Bootloader - shim: boot loader to chain-load signed boot loaders under Secure Boot - shim-signed: Secure Boot chain-loading bootloader (Microsoft-signed binary) Details: Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3695) Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3696) Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A loca...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security issue Ubuntu heap overflow bootloader GRUB2

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: grub-efi-amd64 2.06-2ubuntu14.1 grub-efi-amd64-bin 2.06-2ubuntu14.1 grub-efi-amd64-signed 1.187.3~22.04.1+2.06-2ubuntu14.1 grub-efi-arm64 2.06-2ubuntu14.1 grub-efi-arm64-bin 2.06-2ubuntu14.1 grub-efi-arm64-signed 1.187.3~22.04.1+2.06-2ubuntu14.1 shim 15.7-0ubuntu1 shim-signed 1.51.3+15.7-0ubuntu1 Ubuntu 20.04 LTS: grub-efi-amd64 2.06-2ubuntu14.1 grub-efi-amd64-bin 2.06-2ubuntu14.1 grub-efi-amd64-signed 1.187.3~20.04.1+2.06-2ubuntu14.1 grub-efi-arm64 2.06-2ubuntu14.1 grub-efi-arm64-bin 2.06-2ubuntu14.1 grub-efi-arm64-signed 1.187.3~20.04.1+2.06-2ubuntu14.1 shim 15.7-0ubuntu1 shim-signed 1.40.9+15.7-0ubuntu1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6355-1

CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2021-3981,

CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736,

CVE-2022-28737, CVE-2022-3775,https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2029518

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6355-1

Topics%20covered

Topics Covered

security advisory moderate security issue Ubuntu heap overflow bootloader GRUB2

Package Information

https://launchpad.net/ubuntu/+source/grub2-signed/1.187.3~22.04.1 https://launchpad.net/ubuntu/+source/grub2-unsigned/2.06-2ubuntu14.1 https://launchpad.net/ubuntu/+source/shim/15.7-0ubuntu1 https://launchpad.net/ubuntu/+source/shim-signed/1.51.3 https://launchpad.net/ubuntu/+source/grub2-signed/1.187.3~20.04.1 https://launchpad.net/ubuntu/+source/grub2-unsigned/2.06-2ubuntu14.1 https://launchpad.net/ubuntu/+source/shim/15.7-0ubuntu1 https://launchpad.net/ubuntu/+source/shim-signed/1.40.9

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here