ALSA-2023:0752

[ALSA-2023:0752] Moderate: grub2 security update

Type:

security

Severity:

moderate

Release date:

2023-02-14

Description:

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

* grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
* grub2: Heap based out-of-bounds write when redering certain unicode sequences (CVE-2022-3775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	grub2-tools-2.06-46.el9_1.3.alma.aarch64.rpm	22bb5e40bec64635144dc1519b477bd2c8d822de8732ee0e5b675e44d7be8f15
aarch64	grub2-tools-extra-2.06-46.el9_1.3.alma.aarch64.rpm	3bd234628d18011d453d2f3951a2e912415dbc27fefd22584976f0941d50f9ab
aarch64	grub2-efi-aa64-cdboot-2.06-46.el9_1.3.alma.aarch64.rpm	4b70bd1225601c5d58c9332493b55bf89f8ddedddb1882e839ff36575ad0891b
aarch64	grub2-efi-aa64-2.06-46.el9_1.3.alma.aarch64.rpm	8d574188100d267e9d2a8b8486696808d12c71e1eef122237b2a03412f4e40b9
aarch64	grub2-tools-minimal-2.06-46.el9_1.3.alma.aarch64.rpm	def308f494e9d4ea039936c629191ba67d0822cce3f59b8d31aa420f4d8e40fa
noarch	grub2-common-2.06-46.el9_1.3.alma.noarch.rpm	3d7943591c3cb72c5c1c2d0b121c33aa63616191a20b0ac166476e682a726637
noarch	grub2-efi-aa64-modules-2.06-46.el9_1.3.alma.noarch.rpm	5b6f1faa4ae5339ce884ee06acee48e704732f35490d956b6bd8ef40f54bd2d1
noarch	grub2-ppc64le-modules-2.06-46.el9_1.3.alma.noarch.rpm	82ba3017d2f07ad9ca07ec640bf5bc5278ec56021f17199e8d3e98f0951b3d7b
noarch	grub2-pc-modules-2.06-46.el9_1.3.alma.noarch.rpm	98b06fac39d220136e99deec52b95840c38240bf9b56210a5010600b6f57faa1
noarch	grub2-efi-x64-modules-2.06-46.el9_1.3.alma.noarch.rpm	bb7dbf92409f9a739e2f7009a330c2c8fd7827db40118327f4ab18639a16c82d
ppc64le	grub2-tools-2.06-46.el9_1.3.alma.ppc64le.rpm	2066fa90ea28ea6104284170d9b8eb899a85b2bf0325e6bd543e8dde5f9006e5
ppc64le	grub2-tools-minimal-2.06-46.el9_1.3.alma.ppc64le.rpm	2a30a6c2df080b48d3b4ae0b227b0f0c2378bfee45aa6e966788afd012455ee0
ppc64le	grub2-ppc64le-2.06-46.el9_1.3.alma.ppc64le.rpm	6393af6328bc883a93fdffda019d0992abe7772f113581c328d77c41c4d81e2f
ppc64le	grub2-tools-extra-2.06-46.el9_1.3.alma.ppc64le.rpm	7abbb5232f0231b6da22bc9f7c35c5290b76b3e5ff6a8593f3e80358b4eb8aeb
x86_64	grub2-tools-efi-2.06-46.el9_1.3.alma.x86_64.rpm	2e5da8f931b6f9ec894ac08bf68693874938b05c8a217367b1fa9e7fe77ea3ca
x86_64	grub2-tools-2.06-46.el9_1.3.alma.x86_64.rpm	3bbd1d52cbc1c64402c47c2017c39b709a7d1dd937cd96664ba99efba63fb125
x86_64	grub2-tools-extra-2.06-46.el9_1.3.alma.x86_64.rpm	46cea3ddec9c1e513181e5c8d866d2645aede1d0f9b85ea53a20069943232dc4
x86_64	grub2-tools-minimal-2.06-46.el9_1.3.alma.x86_64.rpm	4d8960b9edfbeb45a2dae63fc037c493ddd2685c87e8a201ebc8668b7ae10d8f
x86_64	grub2-pc-2.06-46.el9_1.3.alma.x86_64.rpm	944150ad9c1799da77e5ab4af885d8c69601f74e6244b6b4644b428d9c7fa830
x86_64	grub2-efi-x64-cdboot-2.06-46.el9_1.3.alma.x86_64.rpm	eaa03b0aea35e19bace6922e8752b4feb1b876c9899a41c70464a1633cfeaa00
x86_64	grub2-efi-x64-2.06-46.el9_1.3.alma.x86_64.rpm	f4951da92d66494085be97e331703b68ca460a2c935fff1e3587767fc5256ec6

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.