Test ID:	1.3.6.1.4.1.25623.1.0.883262
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for grub2 (CESA-2020:3217)
Summary:	The remote host is missing an update for the 'grub2'; package(s) announced via the CESA-2020:3217 advisory.
Description:	Summary: The remote host is missing an update for the 'grub2' package(s) announced via the CESA-2020:3217 advisory. Vulnerability Insight: The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupdate packages provide a service that allows session software to update device firmware. Security Fix(es): * grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713) * grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow (CVE-2020-14308) * grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309) * grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310) * grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311) * grub2: Fail kernel validation without shim protocol (CVE-2020-15705) * grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706) * grub2: Integer overflow in initrd size handling (CVE-2020-15707) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * grub2 doesn't handle relative paths correctly for UEFI HTTP Boot (BZ#1616395) * UEFI HTTP boot over IPv6 does not work (BZ#1732765) Users of grub2 are advised to upgrade to these updated packages, which fix these bugs. Affected Software/OS: 'grub2' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10713 CERT/CC vulnerability note: VU#174059 https://www.kb.cert.org/vuls/id/174059 Cisco Security Advisory: 20200804 GRUB2 Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY Debian Security Information: DSA-4735 (Google Search) https://www.debian.org/security/2020/dsa-4735 https://security.gentoo.org/glsa/202104-05 https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713 https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ https://kb.vmware.com/s/article/80181 https://bugzilla.redhat.com/show_bug.cgi?id=1825243 http://www.openwall.com/lists/oss-security/2020/07/29/3 SuSE Security Announcement: openSUSE-SU-2020:1168 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html SuSE Security Announcement: openSUSE-SU-2020:1169 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html https://usn.ubuntu.com/4432-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-14308 https://bugzilla.redhat.com/show_bug.cgi?id=1852009 http://www.openwall.com/lists/oss-security/2021/09/17/2 http://www.openwall.com/lists/oss-security/2021/09/17/4 http://www.openwall.com/lists/oss-security/2021/09/21/1 Common Vulnerability Exposure (CVE) ID: CVE-2020-14309 https://bugzilla.redhat.com/show_bug.cgi?id=1852022 Common Vulnerability Exposure (CVE) ID: CVE-2020-14310 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14310 Common Vulnerability Exposure (CVE) ID: CVE-2020-14311 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14311 Common Vulnerability Exposure (CVE) ID: CVE-2020-15705 https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011 https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ https://www.openwall.com/lists/oss-security/2020/07/29/3 Debian Security Information: https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot (Google Search) https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot http://www.openwall.com/lists/oss-security/2021/03/02/3 RedHat Security Advisories: https://access.redhat.com/security/vulnerabilities/grub2bootloader https://access.redhat.com/security/vulnerabilities/grub2bootloader SuSE Security Announcement: https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/ (Google Search) https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/ SuSE Security Announcement: https://www.suse.com/support/kb/doc/?id=000019673 (Google Search) https://www.suse.com/support/kb/doc/?id=000019673 SuSE Security Announcement: openSUSE-SU-2020:1280 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html SuSE Security Announcement: openSUSE-SU-2020:1282 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html http://ubuntu.com/security/notices/USN-4432-1 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Common Vulnerability Exposure (CVE) ID: CVE-2020-15706 Common Vulnerability Exposure (CVE) ID: CVE-2020-15707
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.