Advisory ROSA-SA-2023-2300

Software: grub2 2.02
OS: ROSA Virtualization 2.1

package_evr_string: grub2-2.02-106.0.3.rv3.src.rpm

CVE-ID: CVE-2020-14372
BDU-ID: 2022-00326
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Secure Boot protocol implementation of the Grub2 operating system boot loader is related to an incorrect restriction on the use of ACPI commands. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, impact data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: Run yum update grub2 command to close it

CVE-ID: CVE-2020-25632
BDU-ID: 2022-00313
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the implementation of the rmmod command of the Grub2 operating systems loader is related to the lack of checking for loaded modules. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, affect data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run yum update grub2

CVE-ID: CVE-2020-25647
BDU-ID: 2022-00313
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the implementation of the rmmod command of the Grub2 operating systems loader is related to the lack of checking for loaded modules. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, affect data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run yum update grub2

CVE-ID: CVE-2020-27749
BDU-ID: 2022-00338
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the implementation of Grub2 operating systems boot loader functions is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, impact data integrity, and cause a denial-of-service condition
CVE-STATUS: Resolved
CVE-REV: Execute yum update grub2 to close.

CVE-ID: CVE-2020-27779
BDU-ID: 2022-00341
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the implementation of the cutmem command of the Grub2b operating systems loader is related to a violation of the authorization mechanism. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, impact data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: Run the yum update grub2 command to close.

CVE-ID: CVE-2021-20225
BDU-ID: 2022-00308
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Grub2 operating system boot loader is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, impact data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: Execute yum update grub2 to close.

CVE-ID: CVE-2021-20233
BDU-ID: 2022-00304
CVE-Crit: HIGH
CVE-DESC.: An implementation vulnerability in the Grub2 operating systems boot loader’s Setparam_prefix() function is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, affect data integrity, and cause a denial of service
CVE-STATUS: Resolved
CVE-REV: Execute yum update grub2 to close.

CVE-ID: CVE-2022-28733
BDU-ID: 2022-03372
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the grub_net_recv_ip4_packets function of the Grub operating systems bootloader program is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially crafted IP packets
CVE-STATUS: Resolved
CVE-REV: To close, run the yum update grub2 command

CVE-ID: CVE-2022-28734
BDU-ID: None
CVE-Crit: CRITICAL
CVE-DESC.: Writing outside of bounds when processing delimited HTTP headers; When processing delimited HTTP headers, GRUB2 HTTP code inadvertently moves an internal data buffer point by one position. This can result in further writes outside the buffer when analyzing the HTTP request and writing a NULL byte outside the buffer. It is possible that a set of packets controlled by an attacker could cause corruption of GRUB2 internal memory metadata.
CVE-STATUS: Fixed
CVE-REV: Run the yum update grub2 command to close.

CVE-ID: CVE-2022-28735
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: The shim_lock verifier in GRUB2 allows non-core files to be loaded on shim-enabled secure boot systems. Allowing such files to be loaded can lead to unverified code and modules being loaded into GRUB2, breaking the secure boot chain of trust.
CVE-STATUS: Fixed
CVE-REV: Run the yum update grub2 command to close.

CVE-ID: CVE-2022-28736
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: There is a post-release exploit vulnerability in the grub_cmd_chainloader() function; The Chainloader command is used to load operating systems that do not support multibooting and are not directly supported by GRUB2. When Chainloader is re-run, the use-after-free vulnerability is triggered. If an attacker can control the GRUB2 memory allocation pattern, sensitive data can be exposed and arbitrary code execution can be achieved.
CVE-STATUS: Fixed
CVE-REV: Run the yum update grub2 command to close it