|Category:||CentOS Local Security Checks|
|Title:||CentOS: Security Advisory for mokutil (CESA-2020:3217)|
|Summary:||The remote host is missing an update for the 'mokutil'; package(s) announced via the CESA-2020:3217 advisory.|
The remote host is missing an update for the 'mokutil'
package(s) announced via the CESA-2020:3217 advisory.
The grub2 packages provide version 2 of the Grand Unified Boot Loader
(GRUB), a highly configurable and customizable boot loader with modular
architecture. The packages support a variety of kernel formats, file
systems, computer architectures, and hardware devices.
The shim package contains a first-stage UEFI boot loader that handles
chaining to a trusted full boot loader under secure boot environments.
The fwupdate packages provide a service that allows session software to
update device firmware.
* grub2: Crafted grub.cfg file can lead to arbitrary code execution during
boot process (CVE-2020-10713)
* grub2: grub_malloc does not validate allocation size allowing for
arithmetic overflow and subsequent heap-based buffer overflow
* grub2: Integer overflow in grub_squash_read_symlink may lead to
heap-based buffer overflow (CVE-2020-14309)
* grub2: Integer overflow read_section_as_string may lead to heap-based
buffer overflow (CVE-2020-14310)
* grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer
* grub2: Fail kernel validation without shim protocol (CVE-2020-15705)
* grub2: Use-after-free redefining a function whilst the same function is
already executing (CVE-2020-15706)
* grub2: Integer overflow in initrd size handling (CVE-2020-15707)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
* grub2 doesn't handle relative paths correctly for UEFI HTTP Boot
* UEFI HTTP boot over IPv6 does not work (BZ#1732765)
Users of grub2 are advised to upgrade to these updated packages, which fix
'mokutil' package(s) on CentOS 7.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-10713|
Common Vulnerability Exposure (CVE) ID: CVE-2020-14308
Common Vulnerability Exposure (CVE) ID: CVE-2020-14309
Common Vulnerability Exposure (CVE) ID: CVE-2020-14310
Common Vulnerability Exposure (CVE) ID: CVE-2020-14311
Common Vulnerability Exposure (CVE) ID: CVE-2020-15705
Common Vulnerability Exposure (CVE) ID: CVE-2020-15706
Common Vulnerability Exposure (CVE) ID: CVE-2020-15707
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.