ALSA-2023:0049

[ALSA-2023:0049] Moderate: grub2 security update

Type:

security

Severity:

moderate

Release date:

2023-01-10

Description:

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

* grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
* grub2: Heap based out-of-bounds write when redering certain unicode sequences (CVE-2022-3775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	grub2-efi-aa64-2.02-142.el8_7.1.alma.aarch64.rpm	3333be20494a081662d420a211899a84bd9398e08ddee3d6c635e6786204845b
aarch64	grub2-tools-extra-2.02-142.el8_7.1.alma.aarch64.rpm	4682c47e3f24b441107ecd5a71978655df49cbbce21d834551f9ed9d3030766b
aarch64	grub2-tools-2.02-142.el8_7.1.alma.aarch64.rpm	b9bf6c32f325bd702657fba587ea2a9e0a689855a61b280eda871db291bf0bec
aarch64	grub2-efi-aa64-cdboot-2.02-142.el8_7.1.alma.aarch64.rpm	c8fb65a8b60a13d9504c8e1907ef9bd0bf2176c1524e40854fd56cfac9a394f0
aarch64	grub2-tools-minimal-2.02-142.el8_7.1.alma.aarch64.rpm	f2462fe56b971e7ec19fe563811a779a285f4f689368a07a02a115b5839ad4ab
noarch	grub2-ppc64le-modules-2.02-142.el8_7.1.alma.noarch.rpm	07dedffa05e3f77f66bd7c0eede31d17d8a83d5f08e575cb685ecf89a8435f44
noarch	grub2-pc-modules-2.02-142.el8_7.1.alma.noarch.rpm	1f498423530ddf56a17f00d8165f281e7e569489c7f197660829717d63bccb62
noarch	grub2-efi-aa64-modules-2.02-142.el8_7.1.alma.noarch.rpm	5dbc38e4224729c081976227a7cc2d3fb872f07897282b0317e39981771efed2
noarch	grub2-common-2.02-142.el8_7.1.alma.noarch.rpm	99fa27d0de31508b804d1cdbc459438242226838132a519ae4efae2137ab4886
noarch	grub2-efi-ia32-modules-2.02-142.el8_7.1.alma.noarch.rpm	c8b353c72a78fb00bf9a0c97aafcdd3719208724c1b26d34cb01c014b4884c04
noarch	grub2-efi-x64-modules-2.02-142.el8_7.1.alma.noarch.rpm	ddc342a40988a080b508fe5e82b85b18b217c56ba7caa823758c9bcfb9cb0e72
ppc64le	grub2-tools-extra-2.02-142.el8_7.1.alma.ppc64le.rpm	3a23472ad36c1429dabc408a9d2b55b2e3bb49a39fc3bfccb25b3825638cdd32
ppc64le	grub2-tools-minimal-2.02-142.el8_7.1.alma.ppc64le.rpm	413c9625cbf7d714250885bd2f51deb3454b0cb779ee06f166497b15cd98b54b
ppc64le	grub2-ppc64le-2.02-142.el8_7.1.alma.ppc64le.rpm	9ee8a21428cfb545502b95ad392453d96bcc9f4567a7ad0746fd9fca9aee5c03
ppc64le	grub2-tools-2.02-142.el8_7.1.alma.ppc64le.rpm	a962599c59a1008e0a73157fbb6ebfe480f6bd1d2fc00e32026e981abe55e9e1
x86_64	grub2-efi-x64-cdboot-2.02-142.el8_7.1.alma.x86_64.rpm	12c9f8341cc6b2ffc196357ac42a81ed88e19e3e73018f4c778f095220d89096
x86_64	grub2-tools-extra-2.02-142.el8_7.1.alma.x86_64.rpm	39f177185c958fa01adbf62a419cdc4c5444cd7838ae0ffa32217b3955eab5dd
x86_64	grub2-efi-ia32-cdboot-2.02-142.el8_7.1.alma.x86_64.rpm	5588cc8916a70746cdfffaadc68e27520cb539626044dc2eb89220b2db0dfb50
x86_64	grub2-tools-efi-2.02-142.el8_7.1.alma.x86_64.rpm	89548eb325a15d9b6f9c2227a1fc6c31af83dc2831362a5afa44a8d695ba9631
x86_64	grub2-efi-ia32-2.02-142.el8_7.1.alma.x86_64.rpm	989fc7dfe24cad411c3720b522024d64f7c08216f14ed78be02e0b42417967dc
x86_64	grub2-tools-2.02-142.el8_7.1.alma.x86_64.rpm	a6c52066f7a9b0868e685b1740f48bfaeedf3e8f9ac74186a8eb81f05b16d476
x86_64	grub2-efi-x64-2.02-142.el8_7.1.alma.x86_64.rpm	c028c5cac313e88d5918d4432d4d7d7af5372fecfd43369d134f5250637b69bc
x86_64	grub2-pc-2.02-142.el8_7.1.alma.x86_64.rpm	db511b5c73afe2ac62bbd65d025e6b88321e92e1adcb8b70ba5d0c5375c2a4e6
x86_64	grub2-tools-minimal-2.02-142.el8_7.1.alma.x86_64.rpm	ef7b9ed62d5be199d6b1c804f629ec293f8cc940e265dc5880170443cc4b8b67

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.