CVE-2021-3697

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
gnugrub2
2.00 ≤
𝑥
< 2.12
redhatdeveloper_tools
1.0
redhatopenshift
3.0
redhatenterprise_linux
8.0
redhatenterprise_linux
8.1
redhatenterprise_linux
8.4
redhatenterprise_linux
9.0
redhatenterprise_linux_eus
8.2
redhatenterprise_linux_eus
8.4
redhatenterprise_linux_eus
8.6
redhatenterprise_linux_eus
9.0
redhatenterprise_linux_for_power_little_endian
8.0
redhatenterprise_linux_for_power_little_endian
9.0
redhatenterprise_linux_for_power_little_endian_eus
8.2
redhatenterprise_linux_for_power_little_endian_eus
8.4
redhatenterprise_linux_for_power_little_endian_eus
8.6
redhatenterprise_linux_for_power_little_endian_eus
9.0
redhatenterprise_linux_server_aus
8.2
redhatenterprise_linux_server_aus
8.4
redhatenterprise_linux_server_aus
8.6
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.1
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.2
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.4
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.6
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
9.0
redhatenterprise_linux_server_tus
8.2
redhatenterprise_linux_server_tus
8.4
redhatenterprise_linux_server_tus
8.6
redhatopenshift_container_platform
4.6
redhatopenshift_container_platform
4.9
redhatopenshift_container_platform
4.10
redhatcodeready_linux_builder
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
grub2
bookworm
2.06-13+deb12u1
fixed
bookworm (security)
2.06-13+deb12u1
fixed
bullseye
2.06-3~deb11u6
fixed
bullseye (security)
2.06-3~deb11u6
fixed
jessie
ignored
sid
2.12-5
fixed
stretch
ignored
trixie
2.12-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
grub2
bionic
not-affected
focal
not-affected
impish
ignored
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
not-affected
xenial
not-affected
grub2-signed
bionic
Fixed 1.187.3~18.04.1
released
focal
Fixed 1.187.3~20.04.1
released
jammy
Fixed 1.187.3~22.04.1
released
kinetic
ignored
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
needed
xenial
needed
grub2-unsigned
bionic
Fixed 2.06-2ubuntu14.1
released
focal
Fixed 2.06-2ubuntu14.1
released
jammy
Fixed 2.06-2ubuntu14.1
released
kinetic
ignored
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
grub2
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-arm64-efi
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-i386-pc
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-powerpc-ieee1275
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-s390x-emu
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-snapper-plugin
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-systemd-sleep-plugin
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-x86_64-efi
suse enterprise desktop 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise desktop 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise desktop 15 SP5
2.06-150500.27.4
fixed
suse enterprise desktop 15 SP6
2.12-150600.6.13
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise sap 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise sap 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise sap 15 SP5
2.06-150500.27.4
fixed
suse enterprise sap 15 SP6
2.12-150600.6.13
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.20.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
suse enterprise server 15 SP5
2.06-150500.27.4
fixed
suse enterprise server 15 SP6
2.12-150600.6.13
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-x86_64-xen
suse enterprise sap 12 SP5
2.02-143.2
fixed
suse enterprise server 12 SP3
2.02-137.2
fixed
suse enterprise server 12 SP4
2.02-143.2
fixed
suse enterprise server 12 SP5
2.02-143.2
fixed
suse enterprise server 15
2.02-150000.122.12.2
fixed
suse enterprise server 15 SP1
2.02-150100.123.12.2
fixed
suse enterprise server 15 SP2
2.04-150200.9.63.2
fixed
suse enterprise server 15 SP4
2.06-150400.11.5.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
grub2-common
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-aa64
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-aa64-cdboot
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-aa64-modules
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-ia32
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
grub2-efi-ia32-cdboot
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
grub2-efi-ia32-modules
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
grub2-efi-x64
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-x64-cdboot
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-efi-x64-modules
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-pc
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-pc-modules
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-ppc64le
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-ppc64le-modules
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-tools
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-tools-efi
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-tools-extra
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
grub2-tools-minimal
RHEL 8
1:2.02-123.el8_6.8
fixed
RHEL 8.1 E4S
1:2.02-87.el8_1.10
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 E4S
1:2.02-87.el8_2.10
fixed
RHEL 8.2 EUS
1:2.02-87.el8_2.10
fixed
RHEL 8.2 TUS
1:2.02-87.el8_2.10
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 E4S
1:2.02-99.el8_4.9
fixed
RHEL 8.4 EUS
1:2.02-99.el8_4.9
fixed
RHEL 8.4 TUS
1:2.02-99.el8_4.9
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.8
fixed
RHEL 8.6 EUS
1:2.02-123.el8_6.8
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.8
fixed
RHEL 9
1:2.06-27.el9_0.7
fixed
shim-aa64
RHEL 8
0:15.6-1.el8
fixed
RHEL 9
0:15.6-1.el9
fixed
shim-ia32
RHEL 8
0:15.6-1.el8
fixed
shim-unsigned-x64
RHEL 8
0:15.6-1.el8
fixed
RHEL 9
0:15.6-1.el9
fixed
shim-x64
RHEL 8
0:15.6-1.el8
fixed
RHEL 9
0:15.6-1.el9
fixed
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1991687
https://security.gentoo.org/glsa/202209-12
https://security.netapp.com/advisory/ntap-20220930-0001/
https://bugzilla.redhat.com/show_bug.cgi?id=1991687
https://security.gentoo.org/glsa/202209-12
https://security.netapp.com/advisory/ntap-20220930-0001/