7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
32.6%
The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
Security Fix(es):
grub2: grub2-set-bootflag can be abused by local (pseudo-)users (CVE-2024-1048)
grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution (CVE-2023-4692)
grub2: out-of-bounds read at fs/ntfs.c (CVE-2023-4693)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | ppc64le | grub2-tools-minimal | < 2.02-156.el8 | grub2-tools-minimal-2.02-156.el8.ppc64le.rpm |
RedHat | 8 | ppc64le | grub2-debugsource | < 2.02-156.el8 | grub2-debugsource-2.02-156.el8.ppc64le.rpm |
RedHat | 8 | noarch | grub2-efi-x64-modules | < 2.02-156.el8 | grub2-efi-x64-modules-2.02-156.el8.noarch.rpm |
RedHat | 8 | ppc64le | grub2-ppc64le | < 2.02-156.el8 | grub2-ppc64le-2.02-156.el8.ppc64le.rpm |
RedHat | 8 | x86_64 | grub2-tools-extra | < 2.02-156.el8 | grub2-tools-extra-2.02-156.el8.x86_64.rpm |
RedHat | 8 | aarch64 | grub2-debuginfo | < 2.02-156.el8 | grub2-debuginfo-2.02-156.el8.aarch64.rpm |
RedHat | 8 | aarch64 | grub2-efi-aa64-cdboot | < 2.02-156.el8 | grub2-efi-aa64-cdboot-2.02-156.el8.aarch64.rpm |
RedHat | 8 | aarch64 | grub2-tools | < 2.02-156.el8 | grub2-tools-2.02-156.el8.aarch64.rpm |
RedHat | 8 | aarch64 | grub2-debugsource | < 2.02-156.el8 | grub2-debugsource-2.02-156.el8.aarch64.rpm |
RedHat | 8 | aarch64 | grub2-tools-extra | < 2.02-156.el8 | grub2-tools-extra-2.02-156.el8.aarch64.rpm |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
32.6%