{"affected":[{"ecosystem_specific":{"binaries":[{"grub2":"2.02-19.66.1","grub2-arm64-efi":"2.02-19.66.1","grub2-i386-pc":"2.02-19.66.1","grub2-snapper-plugin":"2.02-19.66.1","grub2-systemd-sleep-plugin":"2.02-19.66.1","grub2-x86_64-efi":"2.02-19.66.1","grub2-x86_64-xen":"2.02-19.66.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-ESPOS","name":"grub2","purl":"pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.02-19.66.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"grub2":"2.02-19.66.1","grub2-arm64-efi":"2.02-19.66.1","grub2-i386-pc":"2.02-19.66.1","grub2-snapper-plugin":"2.02-19.66.1","grub2-systemd-sleep-plugin":"2.02-19.66.1","grub2-x86_64-efi":"2.02-19.66.1","grub2-x86_64-xen":"2.02-19.66.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-LTSS","name":"grub2","purl":"pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.02-19.66.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"grub2":"2.02-19.66.1","grub2-arm64-efi":"2.02-19.66.1","grub2-i386-pc":"2.02-19.66.1","grub2-powerpc-ieee1275":"2.02-19.66.1","grub2-s390x-emu":"2.02-19.66.1","grub2-snapper-plugin":"2.02-19.66.1","grub2-systemd-sleep-plugin":"2.02-19.66.1","grub2-x86_64-efi":"2.02-19.66.1","grub2-x86_64-xen":"2.02-19.66.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15-LTSS","name":"grub2","purl":"pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.02-19.66.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"grub2":"2.02-19.66.1","grub2-i386-pc":"2.02-19.66.1","grub2-powerpc-ieee1275":"2.02-19.66.1","grub2-snapper-plugin":"2.02-19.66.1","grub2-systemd-sleep-plugin":"2.02-19.66.1","grub2-x86_64-efi":"2.02-19.66.1","grub2-x86_64-xen":"2.02-19.66.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15","name":"grub2","purl":"pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.02-19.66.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for grub2 fixes the following issues:\n\ngrub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)\n\nFollowing security issues are fixed that can violate secure boot constraints:\n\n- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)\n- CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883)\n- CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264)\n- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)\n- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)\n- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)\n\n","id":"SUSE-SU-2021:0685-1","modified":"2021-03-02T18:06:17Z","published":"2021-03-02T18:06:17Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20210685-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1175970"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176711"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177883"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179264"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179265"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182057"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182262"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182263"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14372"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-25632"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-25647"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27749"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27779"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-20225"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-20233"}],"related":["CVE-2020-14372","CVE-2020-25632","CVE-2020-25647","CVE-2020-27749","CVE-2020-27779","CVE-2021-20225","CVE-2021-20233"],"summary":"Security update for grub2","upstream":["CVE-2020-14372","CVE-2020-25632","CVE-2020-25647","CVE-2020-27749","CVE-2020-27779","CVE-2021-20225","CVE-2021-20233"]}