A grub2 security update has been released for AlmaLinux 9.
ALSA-2023:0752 Moderate: grub2 security update
Type:
security
Severity:
moderate
Release date:
2023-02-14
Description
Security Fix(es):
* grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601)
* grub2: Heap based out-of-bounds write when redering certain unicode sequences (CVE-2022-3775)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
RHSA-2023:0752
CVE-2022-2601
CVE-2022-3775
ALSA-2023:0752
Updates packages:
grub2-common-2.06-46.el9_1.3.alma.noarch.rpm
grub2-efi-aa64-modules-2.06-46.el9_1.3.alma.noarch.rpm
grub2-ppc64le-modules-2.06-46.el9_1.3.alma.noarch.rpm
grub2-pc-modules-2.06-46.el9_1.3.alma.noarch.rpm
grub2-efi-x64-modules-2.06-46.el9_1.3.alma.noarch.rpm
grub2-tools-efi-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-tools-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-tools-extra-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-tools-minimal-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-pc-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-efi-x64-cdboot-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-efi-x64-2.06-46.el9_1.3.alma.x86_64.rpm
grub2-tools-2.06-46.el9_1.3.alma.ppc64le.rpm
grub2-tools-minimal-2.06-46.el9_1.3.alma.ppc64le.rpm
grub2-ppc64le-2.06-46.el9_1.3.alma.ppc64le.rpm
grub2-tools-extra-2.06-46.el9_1.3.alma.ppc64le.rpm
grub2-tools-2.06-46.el9_1.3.alma.aarch64.rpm
grub2-tools-extra-2.06-46.el9_1.3.alma.aarch64.rpm
grub2-efi-aa64-cdboot-2.06-46.el9_1.3.alma.aarch64.rpm
grub2-efi-aa64-2.06-46.el9_1.3.alma.aarch64.rpm
grub2-tools-minimal-2.06-46.el9_1.3.alma.aarch64.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.