Security: Multiple problems in GRUB2
Name: Multiple problems in GRUB2
ID: USN-6355-1
Distribution: Ubuntu
Platforms: Ubuntu 20.04 LTS, Ubuntu 22.04 LTS
Date: Fri, 8 September 2023, 06:47
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3697
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734
Applications: GRUB

Original message

From: Mark Esler <mark.esler@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <e1df0927-8ff1-4db7-9ec6-566d72815f28@canonical.com>
Subject: [USN-6355-1] GRUB2 vulnerabilities

==========================================================================
Ubuntu Security Notice USN-6355-1
September 08, 2023

grub2-signed, grub2-unsigned, shim, and shim-signed vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in GRUB2.

Software Description:
- grub2-signed: GRand Unified Bootloader
- grub2-unsigned: GRand Unified Bootloader
- shim: boot loader to chain-load signed boot loaders under Secure Boot
- shim-signed: Secure Boot chain-loading bootloader (Microsoft-signed binary)

Details:

Daniel Axtens discovered that specially crafted images could cause a
heap-based out-of-bounds write. A local attacker could possibly use
this to circumvent secure boot protections. (CVE-2021-3695)

Daniel Axtens discovered that specially crafted images could cause an
out-of-bounds read and write. A local attacker could possibly use this
to circumvent secure boot protections. (CVE-2021-3696)

Daniel Axtens discovered that specially crafted images could cause a
buffer underwrite that allows arbitrary data to be written to the heap.
A local attacker could possibly use this to circumvent secure
boot protections. (CVE-2021-3697)

It was discovered that GRUB2 configuration files were created with
the wrong permissions. An attacker could possibly use this to leak
encrypted passwords. (CVE-2021-3981)
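A defender-side check for the permissions issue above, added here as an example and not part of the advisory: it flags a GRUB configuration that is readable by group or other users while it carries `password` or `password_pbkdf2` directives (the latter hold the hashed passwords the advisory calls "encrypted passwords"), and shows the remediation of restricting the file to its owner. The sample configuration and its hash value are constructed placeholders; the path is chosen by the caller, so the check works for `/boot/grub/grub.cfg` or any other GRUB config file.

```python
"""Flag a GRUB configuration that is readable by other users while carrying
password directives, the exposure described for CVE-2021-3981. Added example,
not part of the advisory; SAMPLE_GRUB_CFG is constructed and its hash is a
placeholder, not a real PBKDF2 value."""
import os
import re
import stat
import tempfile

# GRUB's `password` (clear text) and `password_pbkdf2` (hashed) directives.
_PASSWORD_DIRECTIVE = re.compile(r"^\s*password(?:_pbkdf2)?\s+\S", re.MULTILINE)

# Constructed grub.cfg fragment with a placeholder hash.
SAMPLE_GRUB_CFG = """\
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.PLACEHOLDERSALT.PLACEHOLDERHASH
menuentry 'Ubuntu' {
    linux /vmlinuz root=/dev/sda2
}
"""

def has_password_directives(text):
    """True when the config defines any GRUB user password."""
    return _PASSWORD_DIRECTIVE.search(text) is not None

def is_readable_by_others(mode):
    """True when the group or other read bit is set in a stat mode."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))

def check_grub_cfg(path):
    """Return 'exposed', 'protected' or 'no-passwords' for the file at path."""
    mode = os.stat(path).st_mode
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    if not has_password_directives(text):
        return "no-passwords"
    return "exposed" if is_readable_by_others(mode) else "protected"

def restrict(path):
    """Remediation: drop group/other permissions, leaving the owner's bits intact."""
    os.chmod(path, stat.S_IMODE(os.stat(path).st_mode) & 0o700)

def demo():
    """Write the constructed config to a temp dir and exercise the check.
    Returns the status before and after restricting permissions."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "grub.cfg")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(SAMPLE_GRUB_CFG)
        os.chmod(path, 0o644)          # world-readable, as a misconfigured file would be
        before = check_grub_cfg(path)
        restrict(path)
        after = check_grub_cfg(path)
    return before, after

if __name__ == "__main__":
    print(demo())  # ('exposed', 'protected')
```

The check looks at the mode bits rather than attempting a read as another user, so it can be run from an inventory script over many hosts without changing identity; a hit on a file that defines no superuser password is reported separately, since such a file leaks nothing beyond the boot menu.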

Daniel Axtens discovered that specially crafted IP packets could cause
an integer underflow and a write past the end of a buffer. An attacker
could possibly use this to circumvent secure boot protections.
(CVE-2022-28733)

Daniel Axtens discovered that specially crafted HTTP headers can cause
an out-of-bounds write of a NULL byte. An attacker could possibly use
this to corrupt GRUB2's internal data. (CVE-2022-28734)

Julian Andres Klode discovered that GRUB2 shim_lock allowed non-
kernel files to be loaded. A local attacker could possibly use this to
circumvent secure boot protections. (CVE-2022-28735)

Chris Coulson discovered that executing chainloaders more than once
caused a use-after-free vulnerability. A local attacker could possibly
use this to circumvent secure boot protections. (CVE-2022-28736)

Chris Coulson discovered that specially crafted executables could
cause shim to make out-of-bounds writes. A local attacker could possibly
use this to circumvent secure boot protections. (CVE-2022-28737)

Zhang Boyang discovered that specially crafted unicode sequences
could lead to an out-of-bounds write to a heap. A local attacker could
possibly use this to circumvent secure boot protections.
(CVE-2022-3775)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
grub-efi-amd64 2.06-2ubuntu14.1
grub-efi-amd64-bin 2.06-2ubuntu14.1
grub-efi-amd64-signed 1.187.3~22.04.1+2.06-2ubuntu14.1
grub-efi-arm64 2.06-2ubuntu14.1
grub-efi-arm64-bin 2.06-2ubuntu14.1
grub-efi-arm64-signed 1.187.3~22.04.1+2.06-2ubuntu14.1
shim 15.7-0ubuntu1
shim-signed 1.51.3+15.7-0ubuntu1

Ubuntu 20.04 LTS:
grub-efi-amd64 2.06-2ubuntu14.1
grub-efi-amd64-bin 2.06-2ubuntu14.1
grub-efi-amd64-signed 1.187.3~20.04.1+2.06-2ubuntu14.1
grub-efi-arm64 2.06-2ubuntu14.1
grub-efi-arm64-bin 2.06-2ubuntu14.1
grub-efi-arm64-signed 1.187.3~20.04.1+2.06-2ubuntu14.1
shim 15.7-0ubuntu1
shim-signed 1.40.9+15.7-0ubuntu1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6355-1
CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2021-3981,
CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736,
CVE-2022-28737, CVE-2022-3775, https://launchpad.net/bugs/2029518

Package Information:
https://launchpad.net/ubuntu/+source/grub2-signed/1.187.3~22.04.1
https://launchpad.net/ubuntu/+source/grub2-unsigned/2.06-2ubuntu14.1
https://launchpad.net/ubuntu/+source/shim/15.7-0ubuntu1
https://launchpad.net/ubuntu/+source/shim-signed/1.51.3
https://launchpad.net/ubuntu/+source/grub2-signed/1.187.3~20.04.1
https://launchpad.net/ubuntu/+source/grub2-unsigned/2.06-2ubuntu14.1
https://launchpad.net/ubuntu/+source/shim/15.7-0ubuntu1
https://launchpad.net/ubuntu/+source/shim-signed/1.40.9
