grub2-2.06-46.el9.3.ML.1
Errata ID: AXSA:2023-5114:03
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
Security Fix(es):
* grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
* grub2: Heap based out-of-bounds write when rendering certain unicode sequences (CVE-2022-3775)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can cause an overflow when the max_glyph_size value is calculated, so a buffer smaller than needed is allocated for the glyph; this in turn leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
CVE-2022-3775
When rendering certain unicode sequences, grub2's font code does not properly validate that the supplied glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input that leads to an out-of-bounds write into grub2's heap, causing memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.
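Both defects described above come down to missing checks on attacker-controlled font metadata: an integer overflow in a size calculation that yields an undersized allocation (CVE-2022-2601), and glyph dimensions that are never validated against the target bitmap before rows are written (CVE-2022-3775). The following C example is added here for illustration and is not grub's code: it places a constructed, unchecked glyph-size computation next to an overflow-checked one, and shows a blit routine that rejects a glyph whose width and height do not fit inside the destination bitmap. The structure and function names (struct bitmap, glyph_size_unchecked, glyph_size_checked, glyph_fits, blit_glyph), the one-byte-per-pixel layout and the 32-bit arithmetic are all assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed bitmap layout for the example: one byte per pixel,
 * rows stored back to back. Not grub's real font structures. */
struct bitmap {
    unsigned width;
    unsigned height;
    uint8_t *pixels; /* width * height bytes */
};

/* Unchecked size computation in a 32-bit type (as on a 32-bit build).
 * Illustrates the bug class: with hostile width/height the product
 * wraps and the caller allocates far less than the glyph needs. */
static uint32_t glyph_size_unchecked(uint32_t width, uint32_t height)
{
    return width * height; /* wraps modulo 2^32, no check */
}

/* Checked variant: rejects zero dimensions, multiplication overflow
 * and any result above a caller-supplied sanity limit. */
static bool glyph_size_checked(uint32_t width, uint32_t height,
                               uint32_t max_allowed, uint32_t *out)
{
    if (width == 0 || height == 0)
        return false;
    if (width > UINT32_MAX / height) /* portable overflow test */
        return false;
    if (width * height > max_allowed)
        return false;
    *out = width * height;
    return true;
}

/* True if a w x h glyph drawn at (x, y) lies entirely inside the bitmap.
 * Subtraction is used so that x + w cannot wrap around. */
static bool glyph_fits(const struct bitmap *bm, unsigned x, unsigned y,
                       unsigned w, unsigned h)
{
    if (x > bm->width || y > bm->height)
        return false;
    return w <= bm->width - x && h <= bm->height - y;
}

/* Copies glyph rows into the bitmap only after the bounds check passes.
 * Returns the number of pixels written, or 0 if the glyph was rejected. */
static size_t blit_glyph(struct bitmap *bm, unsigned x, unsigned y,
                         unsigned w, unsigned h, const uint8_t *rows)
{
    if (!glyph_fits(bm, x, y, w, h))
        return 0;
    for (unsigned r = 0; r < h; r++)
        memcpy(bm->pixels + (size_t)(y + r) * bm->width + x,
               rows + (size_t)r * w, w);
    return (size_t)w * h;
}

int main(void)
{
    uint32_t sz = 0;
    /* Constructed hostile dimensions: 65536 x 65536 wraps to 0. */
    printf("unchecked size: %u\n", glyph_size_unchecked(0x10000u, 0x10000u));
    printf("checked accepts hostile size: %s\n",
           glyph_size_checked(0x10000u, 0x10000u, 1u << 20, &sz) ? "yes" : "no");

    uint8_t px[16] = {0};
    struct bitmap bm = {4, 4, px};
    const uint8_t rows[4] = {1, 2, 3, 4}; /* constructed 2x2 glyph */
    printf("in-bounds blit wrote %zu pixels\n", blit_glyph(&bm, 1, 1, 2, 2, rows));
    printf("out-of-bounds blit wrote %zu pixels\n", blit_glyph(&bm, 3, 3, 2, 2, rows));
    return 0;
}
```

The two checks are deliberately separate: the size check protects the allocation, and the blit check protects the write, so a glyph header that passes one cannot bypass the other.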
Update packages.
N/A
SRPMS
- grub2-2.06-46.el9.3.ML.1.src.rpm
MD5: ecf81fa224a23c30de80d34470203951
SHA-256: a459cc30260a8892d75406260a5b5ca9d8540c996ac506a6f38de4b4955bc164
Size: 13.94 MB
Asianux Server 9 for x86_64
- grub2-common-2.06-46.el9.3.ML.1.noarch.rpm
MD5: 70609059c31f48f6576bc3cd709293ae
SHA-256: 3f2c5fde12536320af3b91455f4d491c80012b9cba5b529afaf0c0449b70e7a1
Size: 904.32 kB
- grub2-efi-x64-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: c48d2842cfe7879094b4f8a030d79ef8
SHA-256: 9d1f81451b7ec0264c60f32d791c624b9fdf2b9f00056b8649f85c34e5ebb42e
Size: 1.30 MB
- grub2-efi-x64-cdboot-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 12a86525c6cdaec11def2d11f2a92bdb
SHA-256: 6c79387fbe516c1e28bfb7cd00fc50964c160aa36adab970016978919b35dc2b
Size: 1.30 MB
- grub2-efi-x64-modules-2.06-46.el9.3.ML.1.noarch.rpm
MD5: 27b52df785ee5f24f98e075b375deac0
SHA-256: 171fe11128019fbc8e5f4fdb2b0f7f5215886e47f9d22bf3f27cd5151112e8c2
Size: 1.03 MB
- grub2-pc-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 9ff77f7a4cbec50754c6304fd4c66c36
SHA-256: 10ceba8aaa12350f92fe7fd4104c6245f677ccaeb37b6ab645d8db394cc4a213
Size: 14.25 kB
- grub2-pc-modules-2.06-46.el9.3.ML.1.noarch.rpm
MD5: 6e8355050e859a02d9d4f001a451e81f
SHA-256: 01de19215733373ba0a53016ebdc4076f83e0255f507a3dcefc9de6969ae0c92
Size: 907.31 kB
- grub2-tools-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 8f66abaf12bee28593c87c39c21ef5c0
SHA-256: 3b973f4aa6ddd937dab00786cd96972808eaed55b60a4d602eb97e462c6bc050
Size: 1.83 MB
- grub2-tools-efi-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 5fc3b5808e8432ae7cfc83e28cd04890
SHA-256: 02532d7d5ad97d44b99a9b01e4edc40f0fa22a29420d156ed791bc32c6cd406f
Size: 539.01 kB
- grub2-tools-extra-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 510e1f3f277aaa201dd70eb2717812ae
SHA-256: 409d23240807fc2c2ee1f08c3f9340c9b8796702ed138048e75faa2ea9b4ee54
Size: 835.93 kB
- grub2-tools-minimal-2.06-46.el9.3.ML.1.x86_64.rpm
MD5: 05ab8d2cf57dc02517450c557747292c
SHA-256: 82fe3ecdaae536f4dfc9479ed8f6e2b829e4c2922dbc9d9e7d124de786ee7e0a
Size: 600.67 kB