grub2-2.02-142.el8.1.ML.1

Errata ID: AXSA:2023-4726:01

Release date: 
Friday, January 13, 2023 - 04:37
Subject: 
grub2-2.02-142.el8.1.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

* grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
* grub2: Heap based out-of-bounds write when rendering certain unicode sequences (CVE-2022-3775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can cause an overflow when calculating the max_glyph_size value, so that a smaller than needed buffer is allocated for the glyph; this in turn leads to a buffer overflow and a heap-based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
CVE-2022-3775
When rendering certain unicode sequences, grub2's font code doesn't properly validate whether the given glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.
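
The bug class behind both CVE descriptions above, as an added example that is not GRUB's source: a size computed from untrusted glyph dimensions wraps and comes out too small, shown beside an overflow-checked form and a dimensions-versus-buffer check. The 32-bit unsigned sizes, the 1-bit-per-pixel layout and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define BITS_PER_BYTE 8u

/* Simplified model (hypothetical names, not GRUB source): bytes needed for a
   1-bit-per-pixel glyph bitmap of width x height pixels. */

/* Unchecked: 32-bit arithmetic wraps silently, so untrusted dimensions can
   yield a size far smaller than the bitmap that is later written. */
static uint32_t glyph_bytes_unchecked(uint32_t width, uint32_t height)
{
    return (width * height + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
}

/* Checked: refuse any step that would wrap instead of returning a short size. */
static bool glyph_bytes_checked(uint32_t width, uint32_t height, uint32_t *out)
{
    if (height != 0 && width > UINT32_MAX / height)
        return false;                      /* width * height would wrap */
    uint32_t bits = width * height;
    if (bits > UINT32_MAX - (BITS_PER_BYTE - 1))
        return false;                      /* rounding up would wrap */
    *out = (bits + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
    return true;
}

/* Bounds check before any write: the declared dimensions must fit inside the
   buffer that was actually allocated. */
static bool glyph_fits(uint32_t width, uint32_t height, uint32_t bitmap_bytes)
{
    uint32_t need;
    return glyph_bytes_checked(width, height, &need) && need <= bitmap_bytes;
}

int main(void)
{
    uint32_t need = 0;
    printf("unchecked 65536x65537 -> %u bytes\n",
           (unsigned) glyph_bytes_unchecked(65536u, 65537u));
    printf("checked   65536x65537 -> %s\n",
           glyph_bytes_checked(65536u, 65537u, &need) ? "accepted" : "rejected");
    printf("16x17 fits in 32 bytes: %s\n", glyph_fits(16u, 17u, 32u) ? "yes" : "no");
    return 0;
}
```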

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. grub2-2.02-142.el8.1.ML.1.src.rpm
    MD5: 1992bd56a13dfcda8a508222d30aed67
    SHA-256: 2a25473276dcf2f8c664663745a18dc36307e674fcab070d7cd3522a8fa4fbf9
    Size: 7.83 MB

Asianux Server 8 for x86_64
  1. grub2-common-2.02-142.el8.1.ML.1.noarch.rpm
    MD5: 8347c55a2bba8fa7ab5852a9842ceb53
    SHA-256: f07f967bde5e5af0518350b4c5e4239099979ed036dfed0026351dc02c820f09
    Size: 893.32 kB
  2. grub2-efi-ia32-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 1f4d28f68a63c5c3ae19552dc68252da
    SHA-256: ab691b317bf0d362cf72378c2eb71746dedd645ae5f781774e384e8379f38d0f
    Size: 443.76 kB
  3. grub2-efi-ia32-cdboot-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 95f2271fda06ee411efd36659a403d4a
    SHA-256: 944dd8502df64b59b76778a9087ae8249580302ad50bb0d4e417606918e176f9
    Size: 1.20 MB
  4. grub2-efi-ia32-modules-2.02-142.el8.1.ML.1.noarch.rpm
    MD5: bc754fa6a2a514208f979d2851cfe6da
    SHA-256: 2fdc2be49880a2d5092af017ea30cab6d1a3735908be444df0099f8c870b675b
    Size: 1.05 MB
  5. grub2-efi-x64-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 52fa3abb00e6f470d1b5d30b488381b8
    SHA-256: 6198afe70eae6511e73eb94e51777cb33e3977c4c6dd1438323328bfa6838035
    Size: 467.64 kB
  6. grub2-efi-x64-cdboot-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: cc322e495cf55c177fbb3500f067d9d8
    SHA-256: e1b0f3f54c29daf63d4517c47511b085eb930106afdf8de6b51490282e4144ed
    Size: 1.23 MB
  7. grub2-efi-x64-modules-2.02-142.el8.1.ML.1.noarch.rpm
    MD5: 46f724c4557285530f74db4d4d7a17d8
    SHA-256: d56911ce98cce06032ae33b0ff07ab779b737cf073336a4353695304234074f3
    Size: 1.07 MB
  8. grub2-pc-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 80302502fa0834549693b8306507706e
    SHA-256: 26afedeb8f51a14c5c923dc70f4f0ad1a9ed9c859f771ed3a2b1881a5fe7a723
    Size: 44.10 kB
  9. grub2-tools-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: cade530d8e90256fa9a9292afa1a9f76
    SHA-256: d068d9972b0cc7384d0bdeab2f7b63780afc4e6f4779b7925296510ee4a76962
    Size: 1.98 MB
  10. grub2-tools-efi-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 431fa87d80fe8818056d80984f3749fb
    SHA-256: afe8b08dafdb12022c0433ad6791ec5e06609d069f8b5bcd6bbca3f248c07264
    Size: 477.39 kB
  11. grub2-tools-extra-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: 7f8b7f0e33f736c18d05bb5fa4ea699a
    SHA-256: 9eb5a3c09da99db9e511a2bcc9ec49ee2be985c668155e196857c39f19278b5a
    Size: 1.07 MB
  12. grub2-tools-minimal-2.02-142.el8.1.ML.1.x86_64.rpm
    MD5: acd1d777d9501b8486359f74f953a3e2
    SHA-256: 357f3fdde7e9647b26462eb0ba1cd4452486125f57fe67276648c43fc867ed4a
    Size: 211.59 kB
  13. grub2-pc-modules-2.02-142.el8.1.ML.1.noarch.rpm
    MD5: d617d54fb411a66763bf163bdb05c407
    SHA-256: 5d7f6824dbcf569261d28d716a173fdc91be5086e9af33d527e0007c43cf5c52
    Size: 920.23 kB