Red Hat Product Errata RHSA-2020:3273 - Security Advisory

Issued: 2020-08-03
Updated: 2020-08-03

Synopsis

Moderate: grub2 security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

An update for grub2, shim, and shim-signed is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments.

Security Fix(es):

  • grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)
  • grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow (CVE-2020-14308)
  • grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)
  • grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)
  • grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)
  • grub2: Fail kernel validation without shim protocol (CVE-2020-15705)
  • grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • grub2 should get resynced with 7.8 branch (BZ#1861861)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.2 x86_64

Fixes

  • BZ - 1825243 - CVE-2020-10713 grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process
  • BZ - 1852009 - CVE-2020-14308 grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow
  • BZ - 1852014 - CVE-2020-14311 grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow
  • BZ - 1852022 - CVE-2020-14309 grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
  • BZ - 1852030 - CVE-2020-14310 grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow
  • BZ - 1860978 - CVE-2020-15705 grub2: Fail kernel validation without shim protocol
  • BZ - 1861118 - CVE-2020-15706 grub2: Use-after-free redefining a function whilst the same function is already executing
  • BZ - 1861861 - grub2 should get resynced with 7.8 branch

CVEs

  • CVE-2020-10713
  • CVE-2020-14308
  • CVE-2020-14309
  • CVE-2020-14310
  • CVE-2020-14311
  • CVE-2020-15705
  • CVE-2020-15706

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/security/vulnerabilities/grub2bootloader

Updated Packages

    Note: More recent versions of these packages may be available.

    Red Hat Enterprise Linux Server - AUS 7.2

    SRPM
    grub2-2.02-0.86.el7_2.src.rpm SHA-256: e97f3c424258cf942d0a0b414152b0a08655a0a7f0b4f59996c96440642df58f
    shim-15-8.el7.src.rpm SHA-256: 454f094da13c1d2f1a4150c1ad7f5b8742340dd24ab3fbca956504716cd17e5e
    shim-signed-15-8.el7_2.src.rpm SHA-256: 3d5e9aa3219a97f27bbe9d360db0a3b83c7047221556de5a4429163b0b762d1f
    x86_64
    grub2-2.02-0.86.el7_2.x86_64.rpm SHA-256: 65e232254c3aa80d82544ec7babf1360fe16f27f322668d12d9f87352d84e566
    grub2-common-2.02-0.86.el7_2.noarch.rpm SHA-256: 1b7b401f3e768f30c771a08ddeced921ebaefeef7188935813e088ce7779a4d0
    grub2-debuginfo-2.02-0.86.el7_2.x86_64.rpm SHA-256: 2db25e3bd88d0155ae72eca11671322486e29ca15c4b41286853bfa4a66bef6c
    grub2-efi-aa64-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: 43cfc6cc1778cbf46c608d2315a4abb84b0467f37f63fc315898ae7d8183db8c
    grub2-efi-ia32-2.02-0.86.el7_2.x86_64.rpm SHA-256: 25dce4ff525b1beacb99d180fa0a8ec24104291def19cdd3da6553f7aefd5044
    grub2-efi-ia32-cdboot-2.02-0.86.el7_2.x86_64.rpm SHA-256: cab7c89c67fe3fc63d3f77b99cb8bca2db72dd53948e27f3ff608d2bfdd47bbf
    grub2-efi-ia32-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: ca087e030f756010a45acc958aeb0b09c5b0b4261da442871f7f1843840e519a
    grub2-efi-x64-2.02-0.86.el7_2.x86_64.rpm SHA-256: db97e58834cea23fd26f86c6fedb5965a7319f381b9a199963ca5795b33a3318
    grub2-efi-x64-cdboot-2.02-0.86.el7_2.x86_64.rpm SHA-256: 209d729769d55b6edcd37c003fad4ac164b8a4ae1b098dd1447a9c215107799f
    grub2-efi-x64-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: 7d73b31c85b9956420d22b3c3911b97bd7b57c98ca42a9a26df2d5295390a7a3
    grub2-pc-2.02-0.86.el7_2.x86_64.rpm SHA-256: 6f071ada5968972a8b1b3832c29d07ed28a758efd6e3d242ec66f09a305669b4
    grub2-pc-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: f59e9fc9427000627b60451083d5e1bc9af38ef7401402463411370edc2298ee
    grub2-ppc-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: 549f98c5e97d5b86a79113a546ab2c81cf6cee8d8ab9bf9dab35e2c9a25bb610
    grub2-ppc64-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: 67094182a5b9a25ca5f7d2e56d56287bebe8535b775b54677c2c2bd98d69466e
    grub2-ppc64le-modules-2.02-0.86.el7_2.noarch.rpm SHA-256: ddb50bc7c93c0a126d7ad64dab65880f9a4fe5859ca072a419af9e834704ae8e
    grub2-tools-2.02-0.86.el7_2.x86_64.rpm SHA-256: db84b050fe8d23eb604eaeace49ad1195a2278f1b809e81a605345fdca44b1d5
    grub2-tools-extra-2.02-0.86.el7_2.x86_64.rpm SHA-256: daf875457004ddf3ddcee27e376a228206f60f8d8fd6bf0728790ac3dd740bec
    grub2-tools-minimal-2.02-0.86.el7_2.x86_64.rpm SHA-256: 65cc97d333cde56ab0e401c47f2e316a87a5f57bc89720fcb4473f8fa317d515
    mokutil-15-8.el7_2.x86_64.rpm SHA-256: 8f4fbbc69c079106a2ac6a3705f793bb41f5ca081d7c22905e6551798107a30d
    mokutil-debuginfo-15-8.el7_2.x86_64.rpm SHA-256: 308e60be030379ab3e2dbbd4331b2ae4b793015277eeb2c7aadbb66aae166f4a
    shim-15-8.el7_2.x86_64.rpm SHA-256: d6a96edd2e889c93288c0f98ebb369373acb5d339b23c5e95701e53726015b18
    shim-unsigned-ia32-15-8.el7.x86_64.rpm SHA-256: fbe4c65f4e2e0f4aad773a158bfe1e880e0202539eeaf51e83459d8a85b7c471
    shim-unsigned-x64-15-8.el7.x86_64.rpm SHA-256: de120667a73dfd5fa2d89de8eed398ca47b2a22d08f774edca3e7c78f013fa54
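
As an added example (not part of Red Hat's advisory), the following Python code flags packages in `rpm -qa` output that are older than the version-release strings listed above. The `FIXED` table, the function names and the sample lines are assumptions of the example, and the comparison is a simplified form of RPM's version ordering that assumes an unchanged epoch and ignores `~` and `^`.

```python
import re

# version-release of the updated packages, copied from this advisory's list
FIXED = {
    "grub2": "2.02-0.86.el7_2",
    "grub2-efi-x64": "2.02-0.86.el7_2",
    "shim": "15-8.el7_2",
    "mokutil": "15-8.el7_2",
}

def _segments(s):
    # RPM compares runs of digits or letters; separators such as '.' and '_' are dropped
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpm_vercmp(a, b):
    """Simplified rpmvercmp: -1 if a is older than b, 0 if equal, 1 if newer."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment is newer than an alphabetic one
        if x != y:
            return 1 if x > y else -1
    # all shared segments equal: the string with segments left over is newer
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return rpm_vercmp(va, vb) or rpm_vercmp(ra, rb)

def audit(rpm_query_output):
    """Return {package: (installed, fixed)} for tracked packages older than the fix."""
    stale = {}
    for line in rpm_query_output.splitlines():
        parts = line.split()
        if len(parts) != 2 or parts[0] not in FIXED:
            continue
        name, installed = parts
        if evr_cmp(installed, FIXED[name]) < 0:
            stale[name] = (installed, FIXED[name])
    return stale

# Constructed sample of: rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE = """\
grub2 2.02-0.64.el7
grub2-efi-x64 2.02-0.86.el7_2
shim 15-1.el7
mokutil 15-8.el7_2
kernel 3.10.0-327.el7
"""

if __name__ == "__main__":
    for name, (have, need) in sorted(audit(SAMPLE).items()):
        print(f"{name}: installed {have}, advisory ships {need}")
```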

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
