Описание
Security update for grub2
This update for grub2 fixes the following issues:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph (bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
Список пакетов
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
Ссылки
- Link for SUSE-SU-2022:4140-1
- E-Mail link for SUSE-SU-2022:4140-1
- SUSE Security Ratings
- SUSE Bug 1205178
- SUSE Bug 1205182
- SUSE CVE CVE-2022-2601 page
- SUSE CVE CVE-2022-3775 page
Описание
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
Затронутые продукты
Ссылки
- CVE-2022-2601
- SUSE Bug 1205178
Описание
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
Затронутые продукты
Ссылки
- CVE-2022-3775
- SUSE Bug 1205182