7 matches found
MiracleLinux 7 : grub2-2.02-0.29.0.1.el7.AXS7 (AXSA:2015-830:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-830:02 advisory. The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It support rich varietyof kernel formats, fi...
Security Bulletin: Vulnerabilities in grub2 affect PowerKVM (CVE-2015-5281, CVE-2015-8370)
Summary PowerKVM is affected by two vulnerabilities in grub2. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-5281 DESCRIPTION: grub2 builds for EFI systems could allow a local attacker to execute arbitrary code on the system, caused by the presence of modules deemed...
Fedora 22 : grub2-2.02-0.17.fc22 (2015-2c155d7632)
Rebuild without multiboot modules in the EFI image. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2015-5281
CVE-2015-5281 affects GRUB2 on EFI systems (notably grub2 in RHEL7) where modules deemed unsuitable for Secure Boot could be loaded, allowing a local attacker to bypass Secure Boot and execute non-verified code via crafted multiboot/multiboot2 modules or boot menu entries. The issue arises from l...
Oracle Linux 7 : grub2 (ELSA-2015-2401)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2401 advisory. - Once again, rebuild for the right build target. Resolves: CVE-2015-5281 - Remove multiboot and multiboot2 modules from the .efi builds; they should never have...
grub2 security, bug fix, and enhancement update
2.02-0.29.0.1 - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms bug 19231481 - update Oracle Linux certificates Alexey Petrenko - Put 'with' in menuentry instead of 'using' bug 18504756 - Use different titles for UEK and RHCK kernel...
RHEL 7 : grub2 (RHSA-2015:2401)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:2401 advisory. The grub2 packages provide version 2 of the Grand Unified Bootloader GRUB, a highly configurable and customizable bootloader with modular architectur...