Several vulnerabilities have been discovered in the GRUB2 bootloader
CVE-2020-10713
A flaw in the grubcfg parsing code was found allowing to break
UEFI Secure Boot and load arbitrary code Details can be found at
wwweclypsiumcom/2020/07/29/theres-a-hole-in-the-boot/
CVE-2020-14308
It was discovered that grub_malloc does ...
Synopsis
Moderate: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Synopsis
Moderate: grub2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Mo ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis
Important: Red Hat Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for cockpit-ovirt, imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Moderate: grub2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, and shim-signed is now available for Red Hat Enterprise Linux 72 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A ...
Synopsis
Moderate: grub2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, and shim-signed is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux ...
Synopsis
Important: redhat-release-virtualization-host and redhat-virtualization-host security update
Type/Severity
Security Advisory: Important
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 ...
Synopsis
Moderate: grub2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, shim-unsigned-x64, and fwupd is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A ...
Synopsis
Moderate: grub2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabi ...
Synopsis
Moderate: grub2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, shim-unsigned-x64, and fwupd is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scor ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis
Moderate: grub2 security and bug fix update
Type / Sévérité
Security Advisory: Moderate
Sujet
An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact ...
Synopsis
Moderate: kernel security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: grub2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterpr ...
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Synopsis
Moderate: grub2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for grub2, shim, and fwupd is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common V ...
On July 29, 2020, a research paper titled “There’s a Hole in the Boot” was made publicly available This paper discusses a vulnerability discovered in the GRand Unified Bootloader version 2 (GRUB2) bootloader that may allow an attacker to execute arbitrary code at system boot time
The vulnerability is due to incorrect bounds checking of cert ...
HP has been informed of a potential security vulnerability in GRUB2 bootloaders commonly used by Linux This vulnerability, known as “There’s a Hole in the Boot” (also nicknamed “BootHole”), could allow bypass of UEFI Secure Boot and allow arbitrary code execution
Additional GRUB2 vulnerabilities found in response to the initial report ...
HP has been informed of a potential security vulnerability in GRUB2 bootloaders commonly used by Linux This vulnerability, known as “There’s a Hole in the Boot” (also nicknamed “BootHole”), could allow bypass of UEFI Secure Boot and allow arbitrary code execution
Additional GRUB2 vulnerabilities found in response to the initial report ...