Early Access — Mondoo Vulnerability Intelligence is currently in preview.
This update for grub2 fixes the following issues:
Changes in grub2:
CVE-2025-54771: Fixed grub_file_close() does not properly controls the fs refcount (bsc#1252931)
CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930)
CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
Bump upstream SBAT generation to 6
Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738)
Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385)
turn off page flipping for i386-pc using VBE video backend (bsc#1245636)
Fix boot hangs in setting up serial console when ACPI SPCR table is present and redirection is disabled (bsc#1249088)
Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953)
Skip mount point in grub_find_device function (bsc#1246231)
CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959)
2.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.12.12-160000.3.1