Red Hat Product Errata RHSA-2021:0702 - Security Advisory

Issued: 2021-03-02
Updated: 2021-03-02

Synopsis

Moderate: grub2 security update

Type/Severity

Security Advisory: Moderate

Topic

An update for grub2 is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

Security Fix(es):

  • grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372)
  • grub2: Use-after-free in rmmod command (CVE-2020-25632)
  • grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647)
  • grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749)
  • grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779)
  • grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225)
  • grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4 x86_64

Fixes

  • BZ - 1873150 - CVE-2020-14372 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
  • BZ - 1879577 - CVE-2020-25632 grub2: Use-after-free in rmmod command
  • BZ - 1886936 - CVE-2020-25647 grub2: Out-of-bounds write in grub_usb_device_initialize()
  • BZ - 1899966 - CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline()
  • BZ - 1900698 - CVE-2020-27779 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled
  • BZ - 1924696 - CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser
  • BZ - 1926263 - CVE-2021-20233 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting

CVEs

  • CVE-2020-14372
  • CVE-2020-25632
  • CVE-2020-25647
  • CVE-2020-27749
  • CVE-2020-27779
  • CVE-2021-20225
  • CVE-2021-20233

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/security/vulnerabilities/RHSB-2021-003

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
grub2-2.02-0.86.el7_4.2.src.rpm SHA-256: 56df4d7eee272906e78d99cba44f852bf9c48fbcb287f00baea485a51e42a898
x86_64
grub2-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 075da92efefa20ac58279e43a4ac4d519bcb7168a1044f529261919a5faa59fc
grub2-common-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 69fe4bb028d62c67d8eab84cfb2f82f8b32cdb132dae49b82cd4e6dc552b45bb
grub2-debuginfo-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a1619a41f01fdf11d41d79f8dbb31b48596a97dd9be472da7ad03f66088df805
grub2-efi-aa64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: f83850f3cc5badd3e6dc56885b396ebb70e0a284625ca45c8b5f83a551dcc82a
grub2-efi-ia32-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 9caff567b3b99dafa8f738d230d1cc678140302adcdfe8a97afd129afd9fd255
grub2-efi-ia32-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 27966516e7b3b513522bb0f865d33b4777c63fa6d50e10cb9e8f8867109cf528
grub2-efi-ia32-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: fc925f95f70333754baab8a660c52c51a3cab774b65778a8e1dcf7dad9de6ef1
grub2-efi-x64-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 50362d7e75cfa2a7fee535ac7d1b09d4873c044a3926a152c4cba6518dfe09d5
grub2-efi-x64-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: d2f6dedbd7153a29540706c6ec42ed837b08b924f646d31eecc6f23077125633
grub2-efi-x64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: b91ba10ef7f7f31851a8b5d5dc1ceac3e940ceeef6aae063081678bbbb68189a
grub2-pc-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 6dcf900ee45d63c6afb09888e939c4660847eb317de6e624191e49bd0cabd2b4
grub2-pc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 0e68acf289ca1b21ba5745198b25fec15408ac03f4658810c6b46216a665f205
grub2-ppc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: d1a88c9ff0618f1190652f4837499b383830137bede2fea90dae1871145943cf
grub2-ppc64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5f4b5dc2f57c7024a0a46b45696bec5c72fdd74f9091212d31094108cb00de91
grub2-ppc64le-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5c9d4a8bb032cc0ac221fa4c048e49de27388cea7280c578d2ea200f9f193ad7
grub2-tools-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a37d6f3041324b881552f02c34129202169a47a5faf260dd23198f79ac292dfd
grub2-tools-extra-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 72ae887058f6a30451ff1ddac77db0675f99ac0a82368e595ef1579966cd056c
grub2-tools-minimal-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: be8f6ae6bbabd525631fa47ab6193578dcc54d38a73d24afff8bae57be2f701b

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
grub2-2.02-0.86.el7_4.2.src.rpm SHA-256: 56df4d7eee272906e78d99cba44f852bf9c48fbcb287f00baea485a51e42a898
x86_64
grub2-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 075da92efefa20ac58279e43a4ac4d519bcb7168a1044f529261919a5faa59fc
grub2-common-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 69fe4bb028d62c67d8eab84cfb2f82f8b32cdb132dae49b82cd4e6dc552b45bb
grub2-debuginfo-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a1619a41f01fdf11d41d79f8dbb31b48596a97dd9be472da7ad03f66088df805
grub2-efi-aa64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: f83850f3cc5badd3e6dc56885b396ebb70e0a284625ca45c8b5f83a551dcc82a
grub2-efi-ia32-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 9caff567b3b99dafa8f738d230d1cc678140302adcdfe8a97afd129afd9fd255
grub2-efi-ia32-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 27966516e7b3b513522bb0f865d33b4777c63fa6d50e10cb9e8f8867109cf528
grub2-efi-ia32-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: fc925f95f70333754baab8a660c52c51a3cab774b65778a8e1dcf7dad9de6ef1
grub2-efi-x64-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 50362d7e75cfa2a7fee535ac7d1b09d4873c044a3926a152c4cba6518dfe09d5
grub2-efi-x64-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: d2f6dedbd7153a29540706c6ec42ed837b08b924f646d31eecc6f23077125633
grub2-efi-x64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: b91ba10ef7f7f31851a8b5d5dc1ceac3e940ceeef6aae063081678bbbb68189a
grub2-pc-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 6dcf900ee45d63c6afb09888e939c4660847eb317de6e624191e49bd0cabd2b4
grub2-pc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 0e68acf289ca1b21ba5745198b25fec15408ac03f4658810c6b46216a665f205
grub2-ppc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: d1a88c9ff0618f1190652f4837499b383830137bede2fea90dae1871145943cf
grub2-ppc64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5f4b5dc2f57c7024a0a46b45696bec5c72fdd74f9091212d31094108cb00de91
grub2-ppc64le-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5c9d4a8bb032cc0ac221fa4c048e49de27388cea7280c578d2ea200f9f193ad7
grub2-tools-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a37d6f3041324b881552f02c34129202169a47a5faf260dd23198f79ac292dfd
grub2-tools-extra-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 72ae887058f6a30451ff1ddac77db0675f99ac0a82368e595ef1579966cd056c
grub2-tools-minimal-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: be8f6ae6bbabd525631fa47ab6193578dcc54d38a73d24afff8bae57be2f701b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4

SRPM
grub2-2.02-0.86.el7_4.2.src.rpm SHA-256: 56df4d7eee272906e78d99cba44f852bf9c48fbcb287f00baea485a51e42a898
ppc64le
grub2-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: 95175d85a8e45927c8037b384e7ee8c5698ee3f722ed375d4ef0634ae7141d3f
grub2-common-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 69fe4bb028d62c67d8eab84cfb2f82f8b32cdb132dae49b82cd4e6dc552b45bb
grub2-debuginfo-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: 8eb46324f91d070d55665837f19cd43c2bd2c3d55b2ff3f7811a7c3cbdaa9daa
grub2-efi-aa64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: f83850f3cc5badd3e6dc56885b396ebb70e0a284625ca45c8b5f83a551dcc82a
grub2-efi-ia32-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: fc925f95f70333754baab8a660c52c51a3cab774b65778a8e1dcf7dad9de6ef1
grub2-efi-x64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: b91ba10ef7f7f31851a8b5d5dc1ceac3e940ceeef6aae063081678bbbb68189a
grub2-pc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 0e68acf289ca1b21ba5745198b25fec15408ac03f4658810c6b46216a665f205
grub2-ppc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: d1a88c9ff0618f1190652f4837499b383830137bede2fea90dae1871145943cf
grub2-ppc64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5f4b5dc2f57c7024a0a46b45696bec5c72fdd74f9091212d31094108cb00de91
grub2-ppc64le-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: 7c703948ec48863ceb3a5de88b830278849c1300e0b229827b92555f4a063f09
grub2-ppc64le-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5c9d4a8bb032cc0ac221fa4c048e49de27388cea7280c578d2ea200f9f193ad7
grub2-tools-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: eb6d27f717ca9a46bdb0d1df1b90ca045c20a6f6bac438bfc146239e58607bb5
grub2-tools-extra-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: d4cc68663a8bdf856cf5c73cbf4b1d95433c16a86803c282e19aadc17cb319b1
grub2-tools-minimal-2.02-0.86.el7_4.2.ppc64le.rpm SHA-256: d1b2f232d29246b3a7b29b46abb9c99e4c42be7ef515901bff16a5adb5456968

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4

SRPM
grub2-2.02-0.86.el7_4.2.src.rpm SHA-256: 56df4d7eee272906e78d99cba44f852bf9c48fbcb287f00baea485a51e42a898
x86_64
grub2-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 075da92efefa20ac58279e43a4ac4d519bcb7168a1044f529261919a5faa59fc
grub2-common-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 69fe4bb028d62c67d8eab84cfb2f82f8b32cdb132dae49b82cd4e6dc552b45bb
grub2-debuginfo-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a1619a41f01fdf11d41d79f8dbb31b48596a97dd9be472da7ad03f66088df805
grub2-efi-aa64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: f83850f3cc5badd3e6dc56885b396ebb70e0a284625ca45c8b5f83a551dcc82a
grub2-efi-ia32-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 9caff567b3b99dafa8f738d230d1cc678140302adcdfe8a97afd129afd9fd255
grub2-efi-ia32-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 27966516e7b3b513522bb0f865d33b4777c63fa6d50e10cb9e8f8867109cf528
grub2-efi-ia32-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: fc925f95f70333754baab8a660c52c51a3cab774b65778a8e1dcf7dad9de6ef1
grub2-efi-x64-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 50362d7e75cfa2a7fee535ac7d1b09d4873c044a3926a152c4cba6518dfe09d5
grub2-efi-x64-cdboot-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: d2f6dedbd7153a29540706c6ec42ed837b08b924f646d31eecc6f23077125633
grub2-efi-x64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: b91ba10ef7f7f31851a8b5d5dc1ceac3e940ceeef6aae063081678bbbb68189a
grub2-pc-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 6dcf900ee45d63c6afb09888e939c4660847eb317de6e624191e49bd0cabd2b4
grub2-pc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 0e68acf289ca1b21ba5745198b25fec15408ac03f4658810c6b46216a665f205
grub2-ppc-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: d1a88c9ff0618f1190652f4837499b383830137bede2fea90dae1871145943cf
grub2-ppc64-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5f4b5dc2f57c7024a0a46b45696bec5c72fdd74f9091212d31094108cb00de91
grub2-ppc64le-modules-2.02-0.86.el7_4.2.noarch.rpm SHA-256: 5c9d4a8bb032cc0ac221fa4c048e49de27388cea7280c578d2ea200f9f193ad7
grub2-tools-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: a37d6f3041324b881552f02c34129202169a47a5faf260dd23198f79ac292dfd
grub2-tools-extra-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: 72ae887058f6a30451ff1ddac77db0675f99ac0a82368e595ef1579966cd056c
grub2-tools-minimal-2.02-0.86.el7_4.2.x86_64.rpm SHA-256: be8f6ae6bbabd525631fa47ab6193578dcc54d38a73d24afff8bae57be2f701b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
