Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 172 articles for you...
197

Debian LTS grub2 Critical Code Execution Risk DLA-4685-1

Several issues were found in the GRUB2 bootloader, which could result in crashes and potentially execution of arbitrary code. These could lead to bypass of UEFI Secure Boot on affected systems. For Debian 11 bullseye, these problems have been fixed in version 2.06-3~deb11u7.. Debian LTS Advisory DLA-4685-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 15, 2026 https://wiki.debian.org/LTS Package : grub2 Version : 2.06-3~deb11u7 CVE ID : CVE-2024-45774 CVE-2024-45775 CVE-2024-45776 CVE-2024-45777 CVE-2024-45778 CVE-2024-45779 CVE-2024-45780 CVE-2024-45781 CVE-2024-45782 CVE-2024-45783 CVE-2025-0622 CVE-2025-0624 CVE-2025-0677 CVE-2025-0678 CVE-2025-0684 CVE-2025-0685 CVE-2025-0686 CVE-2025-0689 CVE-2025-0690 CVE-2025-1118 CVE-2025-1125 Several issues were found in the GRUB2 bootloader, which could result in crashes and potentially execution of arbitrary code. These could lead to bypass of UEFI Secure Boot on affected systems. For Debian 11 bullseye, these problems have been fixed in version 2.06-3~deb11u7. We recommend that you upgrade your grub2 packages. For the detailed security status of grub2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/grub2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Critical grub2 update in Debian LTS fixes multiple issues preventing UEFI Secure Boot bypass and arbitrary code execution.. Debian LTS, grub2, security update, code execution, UEFI Secure Boot. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Critical Debian LTS
100

SUSE Linux Micro 6.0 Grub2 Moderate Security Update 2026-21621-1

An update that solves six vulnerabilities can now be installed. . # Security update for grub2 Announcement ID: SUSE-SU-2026:21621-1 Release Date: 2026-05-11T08:46:20Z Rating: moderate References: * bsc#1252930 * bsc#1252931 * bsc#1252932 * bsc#1252933 * bsc#1252934 * bsc#1252935 Cross-References: * CVE-2025-54770 * CVE-2025-54771 * CVE-2025-61661 * CVE-2025-61662 * CVE-2025-61663 * CVE-2025-61664 CVSS scores: * CVE-2025-54770 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54770 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54770 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54771 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61661 ( SUSE ): 4.3 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-61661 ( SUSE ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61661 ( NVD ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61662 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61662 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-61662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-61663 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61663 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61663 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61664 ( SUSE ): 4.9CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for grub2 fixes the following issues * CVE-2025-54770: Missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930). * CVE-2025-54771: grub_file_close() does not properly controls the fs refcount (bsc#1252931). * CVE-2025-61661: Out-of-bounds write in grub_usb_get_string() function (bsc#1252932). * CVE-2025-61662: Missing unregister call for gettext command may lead to use- after-free (bsc#1252933). * CVE-2025-61663: Missing unregister call for normal commands may lead to use- after-free (bsc#1252934). * CVE-2025-61664: Missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935). Changes for grub2: * Bump upstream SBAT generation to 6 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-702=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * grub2-2.12~rc1-8.1 * grub2-debugsource-2.12~rc1-8.1 * grub2-debuginfo-2.12~rc1-8.1 * SUSE Linux Micro 6.0 (noarch) * grub2-snapper-plugin-2.12~rc1-8.1 * grub2-arm64-efi-2.12~rc1-8.1 * grub2-i386-pc-2.12~rc1-8.1 * grub2-x86_64-xen-2.12~rc1-8.1 * grub2-x86_64-efi-2.12~rc1-8.1 * SUSE Linux Micro 6.0 (s390x) * grub2-s390x-emu-2.12~rc1-8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54770.html * https://www.suse.com/security/cve/CVE-2025-54771.html * https://www.suse.com/security/cve/CVE-2025-61661.html *https://www.suse.com/security/cve/CVE-2025-61662.html * https://www.suse.com/security/cve/CVE-2025-61663.html * https://www.suse.com/security/cve/CVE-2025-61664.html * https://bugzilla.suse.com/show_bug.cgi?id=1252930 * https://bugzilla.suse.com/show_bug.cgi?id=1252931 * https://bugzilla.suse.com/show_bug.cgi?id=1252932 * https://bugzilla.suse.com/show_bug.cgi?id=1252933 * https://bugzilla.suse.com/show_bug.cgi?id=1252934 * https://bugzilla.suse.com/show_bug.cgi?id=1252935 . An update for SUSE Grub2 addresses six vulnerabilities, recommended for improved system security.. SUSE Grub2 Security Update, Moderate Vulnerabilities, Linux Micro Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 15, 2026 Critical SuSE
217

Oracle Linux 7 grub2 Moderate Issues Fixed ELSA-2026-5233

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-5233 http://linux.oracle.com/errata/ELSA-2026-5233.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-common-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-efi-ia32-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-ia32-cdboot-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-ia32-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-efi-x64-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-x64-cdboot-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-x64-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-pc-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-pc-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-tools-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-tools-extra-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-tools-minimal-2.02-0.87.0.29.el7_9.14.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/grub2-2.02-0.87.0.29.el7_9.14.src.rpm Related CVEs: CVE-2025-61662 Description of changes: [2.02-0.87.0.29.el7.14] - Unregister gettext command on module unload [CVE-2025-61662][Orabug: 39112125] [2.02-0.87.0.27.el7.14] - Fix OOB write in grub_net_search_config_file() CVE-2025-0624 [Orabug: 37770226] - Also adds implementation of grub_strlcpy() for clean backport [2.02-0.87.0.26.el7.14] - Replace bugzilla.oracle.com reference [Orabug: 35477723] - Backport kernel EFI allocation pacthes [Orabug: 34301086] - Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371] - bump SBAT generation [JIRA: OLDIS-16371] - Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417] - Update SBAT data (Alex Burmashev) [Orabug: 33851417] - efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964] - disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684] - Patch multiboot2 to the recent state [Orabug:32950597] - Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597] - Update signing certificate [Orabug: 32670043] - Update shim and certificates dependencies [Orabug: 32670043] - xfs: Don't attempt to iterate over empty directory [Orabug: 32584717] - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. [Orabug: 32172943] - Fix degradation in multiboot2 code [Orabug: 32069510] - Update signing certificate for efi binaries - Update upstream references [Orabug: 30138841] - Restore symlink to grub environment file, that was removed during grub2-efi update if grub2 package is also installed on UEFI machines [Orabug: 27345750] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for [Orabug: 18504756] - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev) - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-087.el7.14] - Rebuild for signing - Related: RHEL-23460 [2.02-087.el7.13] - safemath: add grub_cast for gcc < 5.1 - Related: RHEL-23460 [2.02-087.el7.12] - Font CVE fixes and bump SBAT (CVE-2022-2601) - Resolves: RHEL-23460 [2.02-087.el7.11] - Bump sbat - Resolves: CVE-2022-28733 [2.02-087.el7.10] - Backport the relevant CVE fixes from the 2022-05-24 drop - Resolves: CVE-2022-28733 [2.02-087.el7.9] - Bump for signing - Resolves: #1892860 [2.02-0.87.el7.8] - Fix accidental reboot in grub_exit - Resolves: #1892860 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 7 updates for grub2 address moderation issues including buffer overflows, enhancing system stability and security.. Oracle Linux, Grub2, Security Fixes, Linux Updates, System Integrity. .LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 Oracle
217

Oracle Linux 9 grub2 Moderate Advisory ELSA-2026-4760 CVE-2025-61662

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4760 http://linux.oracle.com/errata/ELSA-2026-4760.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-common-2.06-114.0.1.el9_7.1.noarch.rpm grub2-efi-aa64-modules-2.06-114.0.1.el9_7.1.noarch.rpm grub2-efi-x64-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-efi-x64-cdboot-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-efi-x64-modules-2.06-114.0.1.el9_7.1.noarch.rpm grub2-pc-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-pc-modules-2.06-114.0.1.el9_7.1.noarch.rpm grub2-tools-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-tools-efi-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-tools-extra-2.06-114.0.1.el9_7.1.x86_64.rpm grub2-tools-minimal-2.06-114.0.1.el9_7.1.x86_64.rpm aarch64: grub2-common-2.06-114.0.1.el9_7.1.noarch.rpm grub2-efi-aa64-2.06-114.0.1.el9_7.1.aarch64.rpm grub2-efi-aa64-cdboot-2.06-114.0.1.el9_7.1.aarch64.rpm grub2-efi-aa64-modules-2.06-114.0.1.el9_7.1.noarch.rpm grub2-efi-x64-modules-2.06-114.0.1.el9_7.1.noarch.rpm grub2-tools-2.06-114.0.1.el9_7.1.aarch64.rpm grub2-tools-extra-2.06-114.0.1.el9_7.1.aarch64.rpm grub2-tools-minimal-2.06-114.0.1.el9_7.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/grub2-2.06-114.0.1.el9_7.1.src.rpm Related CVEs: CVE-2025-61662 Description of changes: [2.06-114.0.1.el9_7.1] - Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761] - Fix typo in SBAT metadata [Orabug: 37693946] - Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946] - net/dns: Fix removal of DNS server [Orabug: 37539625] - net/dns: Simplify error handling of recv_hook() function [Orabug: 37539625] - net/dns: Add debugging messages in recv_hook() function [Orabug: 37539625] - net/dns: Fix lookup error when no IPv6 is returned [Orabug: 37539625] - efinet: close and reopen network card on failure [Orabug: 35126950], [Orabug: 37747175] -efinet: Correct closing of SNP protocol [Orabug: 35126950], [Orabug: 37747175] - Support setting custom kernels as default kernels [Orabug: 36043978] - Bump SBAT metadata for grub to 3 [Orabug: 34872719] - Fix CVE-2022-3775 [Orabug: 34871953] - Enable signing for aarch64 EFI - Fix signing certificate names - Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986] - Replaced bugzilla.oracle.com references [Orabug: 34202300] - Update provided certificate version to 202204 [JIRA: OLDIS-16371] - Various coverity fixes [JIRA: OLDIS-16371] - bump SBAT generation - Update bug url [Orabug: 34202300] - Revert provided certificate version back to 202102 [JIRA: OLDIS-16371] - Update signing certificate [JIRA: OLDIS-16371] - fix SBAT data [JIRA: OLDIS-16371] - Update requires [JIRA: OLDIS-16371] - Rebuild for SecureBoot signatures [Orabug: 33801813] - Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033] - Update Oracle SBAT data [Orabug: 32670033] - Use new signing certificate [Orabug: 32670033] - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.06-114.1] - Fixes CVE-2025-61662 Missing unregister call for gettext command may lead to use-after-free - Resolves: #RHEL-141593 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 updates enhance grub2 security with crucial fixes and improved features for stability.. Oracle Linux 9, grub2 update, security fixes, Linux security advisory, moderate updates. . LinuxSecurity.com Team

Calendar%202 Mar 19, 2026 Oracle
217

Oracle Linux 8 ELSA-2026-4648 grub2 Moderate DoS CVE-2025-61662

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4648 http://linux.oracle.com/errata/ELSA-2026-4648.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-common-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-aa64-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-ia32-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-efi-ia32-cdboot-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-efi-ia32-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-x64-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-efi-x64-cdboot-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-efi-x64-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-pc-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-pc-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-tools-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-tools-efi-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-tools-extra-2.02-170.0.1.el8_10.1.x86_64.rpm grub2-tools-minimal-2.02-170.0.1.el8_10.1.x86_64.rpm aarch64: grub2-common-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-aa64-2.02-170.0.1.el8_10.1.aarch64.rpm grub2-efi-aa64-cdboot-2.02-170.0.1.el8_10.1.aarch64.rpm grub2-efi-aa64-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-ia32-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-efi-x64-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-pc-modules-2.02-170.0.1.el8_10.1.noarch.rpm grub2-tools-2.02-170.0.1.el8_10.1.aarch64.rpm grub2-tools-extra-2.02-170.0.1.el8_10.1.aarch64.rpm grub2-tools-minimal-2.02-170.0.1.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/grub2-2.02-170.0.1.el8_10.1.src.rpm Related CVEs: CVE-2025-61662 Description of changes: [2.02-170.0.1.el8_10.1] - Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761] - Fix typo in SBAT metadata [Orabug: 37693946] - Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946] - net/dns: Fix removal of DNS server [Orabug: 37539625] - net/dns: Simplify error handling ofrecv_hook() function [Orabug: 37539625] - net/dns: Add debugging messages in recv_hook() function [Orabug: 37539625] - net/dns: Fix lookup error when no IPv6 is returned [Orabug: 37539625] - Use correct os_name on OL - Backport the support for setting custom kernels as default kernels [Orabug: 36690061] - Restore correct SBAT entries - Replaced bugzilla.oracle.com references [Orabug: 35475894] - efinet: Close and reopen card on failure [Orabug: 35126950] - Fix CVE-2022-3775 [Orabug: 34867710] - Bump SBAT metadata for grub to 3 [Orabug: 34871758] - Enable signing on aarch64 - Don't try to switch to a BLS config if GRUB_ENABLE_BLSCFG is already set (Javier Martinez Canillas) [Orabug: 34375996] - Enable back btrfs module by default [Orabug: 34377188] - Backport upstream SNP protocol fixes [Orabug: 34195100] - Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code [Orabug: 34352232] - enable multiboot2 [Orabug: 34285558] - backport arm64: Fix EFI loader kernel image allocation [Orabug: 33702462] - backport Arm: check for the PE magic for the compiled arch [Orabug: 33702462] - Backport some better script logic for BTRFS support [Orabug: 32448171] - Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033] - Update Oracle SBAT data [Orabug: 32670033] - Use new signing certificate [Orabug: 32670033] - Fix various coverity issues [Orabug: 32530657] - Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327] - Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072] - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - Put"with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-170.1] - Fixes CVE-2025-61662 Missing unregister call for gettext command may lead to use-after-free - Resolves: #RHEL-141583 [2.02-170] - fs/xfs/ppc64le: Update xfs code to fix install on 4KB block size - Resolves: #RHEL-142208 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 grub2 update addresses CVE-2025-61662 with moderate severity and important fixes.. Oracle Linux grub2 updates security DoS CVE-2025-61662. . LinuxSecurity.com Team

Calendar%202 Mar 19, 2026 Oracle
217

Oracle Linux 10 grub2 Moderate ELSA-2026-4649 CVE-2025-61662

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4649 http://linux.oracle.com/errata/ELSA-2026-4649.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-common-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-aa64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-x64-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-efi-x64-cdboot-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-efi-x64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-pc-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-pc-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-tools-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-efi-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-extra-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-minimal-2.12-29.0.1.el10_1.2.x86_64.rpm aarch64: grub2-common-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-aa64-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-efi-aa64-cdboot-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-efi-aa64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-x64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-tools-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-tools-extra-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-tools-minimal-2.12-29.0.1.el10_1.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/grub2-2.12-29.0.1.el10_1.2.src.rpm Related CVEs: CVE-2025-61662 Description of changes: [2.12-29.0.1.el10_1.2] - efinet: Close and reopen card on failure [Orabug: 37808688] - Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761] - Fix typo in SBAT metadata [Orabug: 37693946] - Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946] - Enable btrfs module [Orabug: 37412995] - Restored shim related conflicts and provide. [Orabug: 37376920] - Rework the scripts to cover both in-place upgrade and update scenarios [Orabug: 36768566] - Support setting custom kernels as default kernels [Orabug: 36043978] - Bump SBAT metadata for grub to 3 [Orabug:34872719] - Fix CVE-2022-3775 [Orabug: 34871953] - Enable signing for aarch64 EFI - Fix signing certificate names - Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986] - Replaced bugzilla.oracle.com references [Orabug: 34202300] - Update provided certificate version to 202204 [JIRA: OLDIS-16371] - Various coverity fixes [JIRA: OLDIS-16371] - bump SBAT generation - Update bug url [Orabug: 34202300] - Revert provided certificate version back to 202102 [JIRA: OLDIS-16371] - Update signing certificate [JIRA: OLDIS-16371] - fix SBAT data [JIRA: OLDIS-16371] - Update requires [JIRA: OLDIS-16371] - Rebuild for SecureBoot signatures [Orabug: 33801813] - Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033] - Update Oracle SBAT data [Orabug: 32670033] - Use new signing certificate [Orabug: 32670033] - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.12-29.2] - Try to get gating tests running via fmf/tmt - Resolves: #RHEL-152849 [2.12-29.1] - Fixes CVE-2025-61662 Missing unregister call for gettext command may lead to use-after-free - Resolves: #RHEL-141580 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 10 updates for grub2 address critical security issues including CVE-2025-61662 with moderate severity.. Oracle Linux, grub2, security update, ELSA-2026-4649. . LinuxSecurity.com Team

Calendar%202 Mar 17, 2026 Oracle
100

SUSE: grub2 Important Fixes for Seven Issues CVE-2024-56738

An update that solves seven vulnerabilities and has seven fixes can now be installed.. # Security update for grub2 Announcement ID: SUSE-SU-2025:21212-1 Release Date: 2025-12-15T12:52:50Z Rating: important References: * bsc#1234959 * bsc#1245636 * bsc#1245738 * bsc#1245953 * bsc#1246231 * bsc#1247242 * bsc#1249088 * bsc#1249385 * bsc#1252930 * bsc#1252931 * bsc#1252932 * bsc#1252933 * bsc#1252934 * bsc#1252935 Cross-References: * CVE-2024-56738 * CVE-2025-54770 * CVE-2025-54771 * CVE-2025-61661 * CVE-2025-61662 * CVE-2025-61663 * CVE-2025-61664 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-54770 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54770 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54770 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54771 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61661 ( SUSE ): 4.3 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-61661 ( SUSE ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61661 ( NVD ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61662 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61662 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61662 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61663 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61663 (SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61663 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61664 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves seven vulnerabilities and has seven fixes can now be installed. ## Description: This update for grub2 fixes the following issues: Changes in grub2: * CVE-2025-54771: Fixed grub_file_close() does not properly controls the fs refcount (bsc#1252931) * CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930) * CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933) * CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934) * CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935) * CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932) * Bump upstream SBAT generation to 6 * Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738) * Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385) * turn off page flipping for i386-pc using VBE video backend (bsc#1245636) * Fix boot hangs in setting up serial console when ACPI SPCR table is present and redirection is disabled (bsc#1249088) * Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953) * Skip mount point in grub_find_device function (bsc#1246231) * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## PatchInstructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-106=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-106=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * grub2-common-debuginfo-2.12-160000.3.1 * grub2-2.12-160000.3.1 * grub2-common-2.12-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * grub2-systemd-sleep-plugin-2.12-160000.3.1 * grub2-x86_64-efi-2.12-160000.3.1 * grub2-arm64-efi-2.12-160000.3.1 * grub2-snapper-plugin-2.12-160000.3.1 * grub2-powerpc-ieee1275-2.12-160000.3.1 * grub2-i386-pc-2.12-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 s390x x86_64) * grub2-debugsource-2.12-160000.3.1 * SUSE Linux Enterprise Server 16.0 (s390x) * grub2-s390x-emu-2.12-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * grub2-common-debuginfo-2.12-160000.3.1 * grub2-2.12-160000.3.1 * grub2-common-2.12-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (x86_64) * grub2-debugsource-2.12-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * grub2-systemd-sleep-plugin-2.12-160000.3.1 * grub2-x86_64-efi-2.12-160000.3.1 * grub2-snapper-plugin-2.12-160000.3.1 * grub2-powerpc-ieee1275-2.12-160000.3.1 * grub2-i386-pc-2.12-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://www.suse.com/security/cve/CVE-2025-54770.html * https://www.suse.com/security/cve/CVE-2025-54771.html * https://www.suse.com/security/cve/CVE-2025-61661.html * https://www.suse.com/security/cve/CVE-2025-61662.html * https://www.suse.com/security/cve/CVE-2025-61663.html *https://www.suse.com/security/cve/CVE-2025-61664.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 * https://bugzilla.suse.com/show_bug.cgi?id=1245636 * https://bugzilla.suse.com/show_bug.cgi?id=1245738 * https://bugzilla.suse.com/show_bug.cgi?id=1245953 * https://bugzilla.suse.com/show_bug.cgi?id=1246231 * https://bugzilla.suse.com/show_bug.cgi?id=1247242 * https://bugzilla.suse.com/show_bug.cgi?id=1249088 * https://bugzilla.suse.com/show_bug.cgi?id=1249385 * https://bugzilla.suse.com/show_bug.cgi?id=1252930 * https://bugzilla.suse.com/show_bug.cgi?id=1252931 * https://bugzilla.suse.com/show_bug.cgi?id=1252932 * https://bugzilla.suse.com/show_bug.cgi?id=1252933 * https://bugzilla.suse.com/show_bug.cgi?id=1252934 * https://bugzilla.suse.com/show_bug.cgi?id=1252935 . SUSE Linux updates for grub2 address seven important issues including use-after-free vulnerabilities effectively.. SUSE Linux, grub2 update, important security update, use-after-free issue, Linux vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 18, 2025 Important SuSE
100

SUSE: grub2 Important Security Fixes Advisory 2025:21223-1

An update that solves seven vulnerabilities and has seven fixes can now be installed.. # Security update for grub2 Announcement ID: SUSE-SU-2025:21223-1 Release Date: 2025-12-15T12:50:52Z Rating: important References: * bsc#1234959 * bsc#1245636 * bsc#1245738 * bsc#1245953 * bsc#1246231 * bsc#1247242 * bsc#1249088 * bsc#1249385 * bsc#1252930 * bsc#1252931 * bsc#1252932 * bsc#1252933 * bsc#1252934 * bsc#1252935 Cross-References: * CVE-2024-56738 * CVE-2025-54770 * CVE-2025-54771 * CVE-2025-61661 * CVE-2025-61662 * CVE-2025-61663 * CVE-2025-61664 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-54770 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54770 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54770 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-54771 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-54771 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61661 ( SUSE ): 4.3 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-61661 ( SUSE ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61661 ( NVD ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-61662 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61662 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61662 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61663 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61663 (SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61663 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-61664 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-61664 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves seven vulnerabilities and has seven fixes can now be installed. ## Description: This update for grub2 fixes the following issues: Changes in grub2: * CVE-2025-54771: Fixed grub_file_close() does not properly controls the fs refcount (bsc#1252931) * CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930) * CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933) * CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934) * CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935) * CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932) * Bump upstream SBAT generation to 6 * Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738) * Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385) * turn off page flipping for i386-pc using VBE video backend (bsc#1245636) * Fix boot hangs in setting up serial console when ACPI SPCR table is present and redirection is disabled (bsc#1249088) * Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953) * Skip mount point in grub_find_device function (bsc#1246231) * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommendedinstallation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-106=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * grub2-common-debuginfo-2.12-160000.3.1 * grub2-2.12-160000.3.1 * grub2-common-2.12-160000.3.1 * SUSE Linux Micro 6.2 (aarch64 s390x x86_64) * grub2-debugsource-2.12-160000.3.1 * SUSE Linux Micro 6.2 (noarch) * grub2-x86_64-xen-2.12-160000.3.1 * grub2-x86_64-efi-2.12-160000.3.1 * grub2-arm64-efi-2.12-160000.3.1 * grub2-snapper-plugin-2.12-160000.3.1 * grub2-powerpc-ieee1275-2.12-160000.3.1 * grub2-i386-pc-2.12-160000.3.1 * SUSE Linux Micro 6.2 (s390x) * grub2-s390x-emu-2.12-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://www.suse.com/security/cve/CVE-2025-54770.html * https://www.suse.com/security/cve/CVE-2025-54771.html * https://www.suse.com/security/cve/CVE-2025-61661.html * https://www.suse.com/security/cve/CVE-2025-61662.html * https://www.suse.com/security/cve/CVE-2025-61663.html * https://www.suse.com/security/cve/CVE-2025-61664.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 * https://bugzilla.suse.com/show_bug.cgi?id=1245636 * https://bugzilla.suse.com/show_bug.cgi?id=1245738 * https://bugzilla.suse.com/show_bug.cgi?id=1245953 * https://bugzilla.suse.com/show_bug.cgi?id=1246231 * https://bugzilla.suse.com/show_bug.cgi?id=1247242 * https://bugzilla.suse.com/show_bug.cgi?id=1249088 * https://bugzilla.suse.com/show_bug.cgi?id=1249385 * https://bugzilla.suse.com/show_bug.cgi?id=1252930 * https://bugzilla.suse.com/show_bug.cgi?id=1252931 * https://bugzilla.suse.com/show_bug.cgi?id=1252932 * https://bugzilla.suse.com/show_bug.cgi?id=1252933 * https://bugzilla.suse.com/show_bug.cgi?id=1252934 * https://bugzilla.suse.com/show_bug.cgi?id=1252935 . An important security update for grub2addresses multiple vulnerabilities with fixes available now. Review for installation.. SUSE Linux, grub2 security, patch update, software vulnerabilities, Linux admin. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 18, 2025 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200