QID 239315
Date Published: 2021-05-20
QID 239315: Red Hat Update for shim (RHSA-2021:1734)
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.
Security Fix(es): grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372)
grub2: Use-after-free in rmmod command (CVE-2020-25632)
grub2: Out-of-bounds write in grub_usb_device_initialize()
(CVE-2020-25647)
grub2: Stack buffer overflow in grub_parser_split_cmdline()
(CVE-2020-27749)
grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779)
grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225)
grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
On successful exploitation, it could allow an attacker to execute code.
Refer to Red Hat security advisory RHSA-2021:1734 to address this issue and obtain more information.
- RHSA-2021:1734 -
access.redhat.com/errata/RHSA-2021:1734?language=en
CVEs related to QID 239315
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| RHSA-2021:1734 | Red Hat Enterprise Linux |
access.redhat.com/errata/RHSA-2021:1734?language=en |