[ALSA-2022:5099] Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
Type: security
Severity: important
Release date: 2022-08-23
Description:
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es):
* grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
* grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
* grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
* grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
* grub2: Out-of-bound write when handling split HTTP headers (CVE-2022-28734)
* grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
* grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
* shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 grub2-tools-minimal-2.06-27.el9_0.7.alma.aarch64.rpm 21f79a322596f86c390a453491612bdc6bb7fe56a4b62d3152aacb0bb899ea8c
aarch64 grub2-tools-extra-2.06-27.el9_0.7.alma.aarch64.rpm 71d0e7caf80d639f0fa862c16a381607d517b1c216837a95ca1cff8c338d5b10
aarch64 shim-aa64-15.6-1.el9.alma.aarch64.rpm 7cad70a0e50a03ad5382596f9698297a1dfeb5cb018f06ed78f3961a39b8f37a
aarch64 grub2-tools-2.06-27.el9_0.7.alma.aarch64.rpm 9205288b196374c91de5cf5b3644dc72e91e40bb1a227d9219fd0258983f1a3f
aarch64 grub2-efi-aa64-cdboot-2.06-27.el9_0.7.alma.aarch64.rpm a2357ac73171a0c6b78dc666e0aa57791715ee10d044692ad33d339650c1095d
aarch64 grub2-efi-aa64-2.06-27.el9_0.7.alma.aarch64.rpm ae2eaa7b00d66640b0ba4463f813a7a914e9ad2af5d50d5655708721338eac23
noarch grub2-efi-x64-modules-2.06-27.el9_0.7.alma.noarch.rpm 7c1a39435cb145b6331f3d84a54a2b8bb29606f0240fcdd51c7ef7e400db63d5
noarch grub2-efi-aa64-modules-2.06-27.el9_0.7.alma.noarch.rpm 8741776e12b0fd0ce6b1682017da1f8873880b51e05189756550de434d50a722
noarch grub2-ppc64le-modules-2.06-27.el9_0.7.alma.noarch.rpm ac01bf19abdade8860177a8e290b70d806375c8a2d9ed3ff47b54d1256005f16
noarch grub2-pc-modules-2.06-27.el9_0.7.alma.noarch.rpm e2370f5a48d28813f385af92662f53c7c47d593d5c735809aaa6b7d8bc329c07
noarch grub2-common-2.06-27.el9_0.7.alma.noarch.rpm ec2931fabadf7f9962946fbe110f6ac90a76e684339698e6685369054ebb6cb7
ppc64le grub2-tools-minimal-2.06-27.el9_0.7.alma.ppc64le.rpm 1821297d36711ad3d642b8b5d59b0217444ca947e3d4c9bfa1a79b40a4c49014
ppc64le grub2-ppc64le-2.06-27.el9_0.7.alma.ppc64le.rpm 1f82dfeb45eb35354dc4a2a3498769cd0d7f902a7c6543bac0785ec3f579c43e
ppc64le grub2-tools-extra-2.06-27.el9_0.7.alma.ppc64le.rpm 9fc2f2542e96485dff906b00135854d7adc0d336be096c5ec5c1e0d5d9d8010b
ppc64le grub2-tools-2.06-27.el9_0.7.alma.ppc64le.rpm f236b13ed64457125a96fac02b01904de487f6acf38ab7c5ce61c0b6e747d68b
x86_64 shim-unsigned-x64-15.6-1.el9.alma.x86_64.rpm 13839385d82978bf25d4073b5d66f5c99376795605e37bff69d97726ee095d70
x86_64 grub2-tools-minimal-2.06-27.el9_0.7.alma.x86_64.rpm 31e6d5091153ade52a4fb7679f3e66015e06230ddffe4e9d44be2be43e661b04
x86_64 grub2-efi-x64-2.06-27.el9_0.7.alma.x86_64.rpm 3bf5652571ac5dafd7bd7e3220a2943fa4fd6a7e2fbdfd7524a7312b51577de4
x86_64 grub2-efi-x64-cdboot-2.06-27.el9_0.7.alma.x86_64.rpm 4a0c34f66a589fb6e36e023fb18adab58d4785e1f73306583f303da0cec56502
x86_64 grub2-tools-efi-2.06-27.el9_0.7.alma.x86_64.rpm 5b00e7ed258bedbfcd25c731d58ce8d2a18699982b929828e83763d7ab34148a
x86_64 grub2-tools-2.06-27.el9_0.7.alma.x86_64.rpm 6c2c0baad753ebee0ac9221386bd4904c9a25883d825294cb358980632ed0ba9
x86_64 grub2-tools-extra-2.06-27.el9_0.7.alma.x86_64.rpm bfdba0600c7a22194f551feb4b4180ffb3c3606d1bd284e35af6c16592944d5a
x86_64 grub2-pc-2.06-27.el9_0.7.alma.x86_64.rpm d5dce45b75bf04e717a88a8e9d17b4ed01f3cb2617730f015a7895ed384ca77c
x86_64 shim-x64-15.6-1.el9.alma.x86_64.rpm eb23ed7b73eef84cdc6988d633a466c94dbcfe74e1ccce14075ce68b2b2ad5e1
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.