Lucene search

K
oraclelinuxOracleLinuxELSA-2022-9595
HistoryJul 14, 2022 - 12:00 a.m.

grub2 security update

2022-07-1400:00:00
linux.oracle.com
28

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

[2.02-123.0.7.el8_6.8]

  • Enable back btrfs module by default [Orabug: 34377188]
    [2.02-123.0.6.el8_6.8]
  • Backport upstream SNP protocol fixes [Orabug: 34195100]
    [2.02-123.0.5.el8_6.8]
  • Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code [Orabug: 34352232]
    [2.02-123.0.4.el8_6.8]
  • enable multiboot2 [Orabug: 34285558]
  • backport arm64: Fix EFI loader kernel image allocation [Orabug: 33702462]
  • backport Arm: check for the PE magic for the compiled arch [Orabug: 33702462]
  • Backport some better script logic for BTRFS support [Orabug: 32448171]
  • Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
  • Update Oracle SBAT data [Orabug: 32670033]
  • Use new signing certificate [Orabug: 32670033]
  • Fix various coverity issues [Orabug: 32530657]
  • Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327]
  • Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072]
  • honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
  • set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
  • Update upstream references [Orabug: 26388226]
  • Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
  • fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
  • Fix comparison in patch for 18504756
  • Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
  • Put ‘with’ in menuentry instead of ‘using’ [Orabug: 18504756]
  • Use different titles for UEK and RHCK kernels [Orabug: 18504756]
    [2.06-123.el8_6.8]
  • CVE fixes for 2022-06-07
  • CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733
  • CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
  • Resolves: #2031899

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C