8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.3%
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es):
grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733)
grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap (CVE-2021-3695)
grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling (CVE-2021-3696)
grub2: Crafted JPEG image can lead to buffer underflow write in the heap (CVE-2021-3697)
grub2: Out-of-bound write when handling split HTTP headers (CVE-2022-28734)
grub2: shim_lock verifier allows non-kernel files to be loaded (CVE-2022-28735)
grub2: use-after-free in grub_cmd_chainloader() (CVE-2022-28736)
shim: Buffer overflow when loading crafted EFI images (CVE-2022-28737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | aarch64 | mokutil | < 0.3.0-11.el8_4.1 | mokutil-0.3.0-11.el8_4.1.aarch64.rpm |
RedHat | 8 | x86_64 | grub2-tools-efi-debuginfo | < 2.02-99.el8_4.9 | grub2-tools-efi-debuginfo-2.02-99.el8_4.9.x86_64.rpm |
RedHat | 8 | aarch64 | grub2-tools-extra | < 2.02-99.el8_4.9 | grub2-tools-extra-2.02-99.el8_4.9.aarch64.rpm |
RedHat | 8 | x86_64 | shim-unsigned-x64 | < 15.6-1.el8 | shim-unsigned-x64-15.6-1.el8.x86_64.rpm |
RedHat | 8 | x86_64 | grub2-efi-ia32 | < 2.02-99.el8_4.9 | grub2-efi-ia32-2.02-99.el8_4.9.x86_64.rpm |
RedHat | 8 | x86_64 | grub2-tools | < 2.02-99.el8_4.9 | grub2-tools-2.02-99.el8_4.9.x86_64.rpm |
RedHat | 8 | aarch64 | mokutil-debuginfo | < 0.3.0-11.el8_4.1 | mokutil-debuginfo-0.3.0-11.el8_4.1.aarch64.rpm |
RedHat | 8 | ppc64le | grub2-tools-extra-debuginfo | < 2.02-99.el8_4.9 | grub2-tools-extra-debuginfo-2.02-99.el8_4.9.ppc64le.rpm |
RedHat | 8 | aarch64 | shim-aa64 | < 15.6-1.el8 | shim-aa64-15.6-1.el8.aarch64.rpm |
RedHat | 8 | ppc64le | grub2-debuginfo | < 2.02-99.el8_4.9 | grub2-debuginfo-2.02-99.el8_4.9.ppc64le.rpm |
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.3%