Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2023:4130-1

UNKNOWN

Security update for grub2

Published Oct 19, 2023

Modified 2 years ago

Fix available

Details

This update for grub2 fixes the following issues:

CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. (bsc#1215935)
CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to leak sensitive information. (bsc#1215936)

Affected Packages

SUSE:Enterprise Storage 7.1grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Enterprise Storage 7.1grub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSgrub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSgrub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-s390x-emu

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Micro 5.2grub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-s390x-emu

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server 15 SP3-LTSSgrub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3grub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy 4.2grub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy Module 4.2grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Proxy Module 4.2grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-arm64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-i386-pc

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-powerpc-ieee1275

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-s390x-emu

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-snapper-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-systemd-sleep-plugin

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-x86_64-efi

Fixed in:

2.04-150300.22.43.1

SUSE:Manager Server 4.2grub2-x86_64-xen

Fixed in:

2.04-150300.22.43.1

Timeline

PublishedOct 19, 2023

ModifiedOct 19, 2023

SUSE-SU-2023:4130-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2023:4130-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline