
SUSE-SU-2023:4130-1

Published: 19 Oct 2023
Source: suse-cvrf

Description

Security update for grub2

This update for grub2 fixes the following issues:

  • CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. (bsc#1215935)
  • CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to a leak of sensitive information. (bsc#1215936)

Package list

Container suse/sle-micro-rancher/5.2:latest
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-BYOS-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-BYOS-EC2-HVM
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-BYOS-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
Image SLES15-SP3-CHOST-BYOS-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-CHOST-BYOS-EC2
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-CHOST-BYOS-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-HPC-BYOS-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-HPC-BYOS-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-SAP-BYOS-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-SAP-BYOS-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-SAPCAL-Azure
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-SAPCAL-EC2-HVM
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
Image SLES15-SP3-SAPCAL-GCE
grub2-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
SUSE Enterprise Storage 7.1
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Linux Enterprise Micro 5.2
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-s390x-emu-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Linux Enterprise Server 15 SP3-LTSS
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-s390x-emu-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Manager Proxy 4.2
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1
SUSE Manager Proxy Module 4.2
grub2-arm64-efi-2.04-150300.22.43.1
SUSE Manager Server 4.2
grub2-2.04-150300.22.43.1
grub2-arm64-efi-2.04-150300.22.43.1
grub2-i386-pc-2.04-150300.22.43.1
grub2-powerpc-ieee1275-2.04-150300.22.43.1
grub2-s390x-emu-2.04-150300.22.43.1
grub2-snapper-plugin-2.04-150300.22.43.1
grub2-systemd-sleep-plugin-2.04-150300.22.43.1
grub2-x86_64-efi-2.04-150300.22.43.1
grub2-x86_64-xen-2.04-150300.22.43.1

Description

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.


Affected products
Container suse/sle-micro-rancher/5.2:latest:grub2-2.04-150300.22.43.1
Container suse/sle-micro-rancher/5.2:latest:grub2-i386-pc-2.04-150300.22.43.1
Container suse/sle-micro-rancher/5.2:latest:grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-BYOS-Azure:grub2-2.04-150300.22.43.1

References

Description

An out-of-bounds read flaw was found in grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.


Affected products
Container suse/sle-micro-rancher/5.2:latest:grub2-2.04-150300.22.43.1
Container suse/sle-micro-rancher/5.2:latest:grub2-i386-pc-2.04-150300.22.43.1
Container suse/sle-micro-rancher/5.2:latest:grub2-x86_64-efi-2.04-150300.22.43.1
Image SLES15-SP3-BYOS-Azure:grub2-2.04-150300.22.43.1

References
Vulnerability SUSE-SU-2023:4130-1