Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.18448
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18448
<patchinfo incident="18448"> <issue tracker="bnc" id="1182262">VUL-0: EMBARGOED: CVE-2021-20225: grub2: heap out-of-bounds write in short form option parser</issue> <issue tracker="bnc" id="1179265">VUL-0: EMBARGOED: CVE-2020-27779: grub2: cutmem command allow privilleged user to remove memory regions when Secure Boot is enabled</issue> <issue tracker="bnc" id="1182263">VUL-0: EMBARGOED: CVE-2021-20233: grub2: heap out-of-bound write due to mis-calculation of space required for quoting</issue> <issue tracker="bnc" id="1177883">VUL-0: EMBARGOED: CVE-2020-25647: grub2: out-of-bound write in grub_usb_device_initialize()</issue> <issue tracker="bnc" id="1176711">VUL-0: EMBARGOED: CVE-2020-25632: grub2: use-after-free in rmmod command</issue> <issue tracker="bnc" id="1182057">VUL-0: grub2,shim: implement new SBAT method</issue> <issue tracker="bnc" id="1179264">VUL-0: EMBARGOED: CVE-2020-27749: grub2: Stack buffer overflow in grub_parser_split_cmdline</issue> <issue tracker="bnc" id="1175970">VUL-0: EMBARGOED: CVE-2020-14372: grub2: acpi: command allows privileged user to load crafted ACPI tables when secure boot is enabled</issue> <issue tracker="cve" id="2020-25647"/> <issue tracker="cve" id="2021-20225"/> <issue tracker="cve" id="2020-27749"/> <issue tracker="cve" id="2021-20233"/> <issue tracker="cve" id="2020-27779"/> <issue tracker="cve" id="2020-14372"/> <issue tracker="cve" id="2020-25632"/> <packager>michael-chang</packager> <rating>important</rating> <category>security</category> <summary>Security update for grub2</summary> <description>This update for grub2 fixes the following issues: grub2 now implements the new "SBAT" method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
