Security Information / 2021 / Security Information -- DSA-4867-1 grub2

Debian Security Advisory

DSA-4867-1 grub2 -- security update

Date Reported:

02 Mar 2021

Affected Packages:

grub2

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233.

More information:

Several vulnerabilities have been discovered in the GRUB2 bootloader.

• CVE-2020-14372

  It was discovered that the acpi command allows a privileged user to load crafted ACPI tables when Secure Boot is enabled.

• CVE-2020-25632

  A use-after-free vulnerability was found in the rmmod command.

• CVE-2020-25647

  An out-of-bound write vulnerability was found in the grub_usb_device_initialize() function, which is called to handle USB device initialization.

• CVE-2020-27749

  A stack buffer overflow flaw was found in grub_parser_split_cmdline.

• CVE-2020-27779

  It was discovered that the cutmem command allows a privileged user to remove memory regions when Secure Boot is enabled.

• CVE-2021-20225

  A heap out-of-bounds write vulnerability was found in the short form option parser.

• CVE-2021-20233

  A heap out-of-bound write flaw was found caused by mis-calculation of space required for quoting in the menu rendering.

Further detailed information can be found at https://www.debian.org/security/2021-GRUB-UEFI-SecureBoot

For the stable distribution (buster), these problems have been fixed in version 2.02+dfsg1-20+deb10u4.

We recommend that you upgrade your grub2 packages.

For the detailed security status of grub2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/grub2