grub2-2.02-0.87.14.0.1.el7.AXS7
エラータID: AXSA:2024-7721:02
リリース日:
2024/05/13 Monday - 19:42
題名:
grub2-2.02-0.87.14.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- grub2 の grub_font_construct_glyph 関数には、ヒープベース
のバッファオーバーフローを引き起こす問題があるため、巧妙
に細工された pf2 フォントを介して、セキュアブート機構の
回避を可能とする脆弱性が存在します。(CVE-2022-2601)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
追加情報:
N/A
ダウンロード:
SRPMS
- grub2-2.02-0.87.14.0.1.el7.AXS7.src.rpm
MD5: 4544ca4aa0116d2d047a13cb2e8cce6c
SHA-256: 688a37a89f6f5c39c5ce06f56bef9998660571e821803ccceea6f6527ac60be1
Size: 7.06 MB
Asianux Server 7 for x86_64
- grub2-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: a6d75d7d1b14c9c3d1699f3b1d601a5f
SHA-256: 5f26657543d164ff043d403109029f0beeaa03e260fd09e30ef35fff24f8f6a7
Size: 33.85 kB - grub2-common-2.02-0.87.14.0.1.el7.AXS7.noarch.rpm
MD5: 621024ba3948247710f0a9e4c5fd6f5d
SHA-256: 6aa5c3fc9e3461bf5adda4d44f09628c164da0e2c69197890a8023e17e9a86ff
Size: 732.26 kB - grub2-efi-ia32-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: 3dfa0a869462c1539679330b72c789d1
SHA-256: 95e9c5bbb32c7447ea11dbf0e09485cb7db4a0c4c8d4aadfd79662c9f6c473e1
Size: 1.42 MB - grub2-efi-ia32-modules-2.02-0.87.14.0.1.el7.AXS7.noarch.rpm
MD5: ed932aeba35e2a044c72cf994bce84a5
SHA-256: 9af1ba801af3a42f0caf7a54b13a165ecb6c9370cf2ef3509ef89a47de720412
Size: 1.08 MB - grub2-efi-x64-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: 586a2898d1f7fde422ae88892381f94c
SHA-256: e092ac30e55197c54b49d3866f98000a11141ba06566633ba625df06a9fad4d9
Size: 1.12 MB - grub2-efi-x64-modules-2.02-0.87.14.0.1.el7.AXS7.noarch.rpm
MD5: 8941e0702e65f06457a25b6b8491cebb
SHA-256: a43ce745e5b67760b11ec5df0eec9d7d6810ce5e6160d158e764684f0ca6572d
Size: 1.11 MB - grub2-pc-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: 859c74f54f92956a426a91265c26abbd
SHA-256: 7eafee28759c6d599dabf82597791c5f80183833ad8a058c6dafdf32f21140d0
Size: 33.91 kB - grub2-pc-modules-2.02-0.87.14.0.1.el7.AXS7.noarch.rpm
MD5: eb53f384fd29ecb45d270c7a7da8f457
SHA-256: 69cfc7595be0825187f66412a3a9603ec46bb36a75ed744f4841dc27ddd9ef1b
Size: 860.06 kB - grub2-tools-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: f785fc71ea5d49010e61956a2eb6c837
SHA-256: 437eff4864186be2f85eb695dd59127d2f23f58ee36edf5582044e2f4e505f67
Size: 1.79 MB - grub2-tools-extra-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: d60aed629c9f22a1cb701a3e76e167e5
SHA-256: 42977145b8161a560d6132181be2a9890ee5e31283a749faeeeed5bc6c024eaa
Size: 1.00 MB - grub2-tools-minimal-2.02-0.87.14.0.1.el7.AXS7.x86_64.rpm
MD5: c11149fb3ea22076b601c5459ebd76ee
SHA-256: eea1bbc620d272da8e71d12c8f1e5aca7d2be3ee1bb06b44ae3dc21a791c3d27
Size: 177.07 kB
English