CVE-2024-2312 (GCVE-0-2024-2312)
Vulnerability from cvelistv5 – Published: 2024-04-05 19:40 – Updated: 2025-02-13 17:33
EPSS
Summary
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks installed after exit. This leads to a use-after-free condition and could possibly lead to a Secure Boot bypass. Practitioner notes: the CNA (Canonical) rates this as local and high-privilege (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, 6.7 Medium), with the Ubuntu fix in grub2 2.12-1ubuntu5. The bug is in Debian/Ubuntu's downstream peimage module, so upstream GNU GRUB builds that do not carry that module are not necessarily affected despite the gnu:grub2 CPE used in the NVD/CISA records. Because the impact is a Secure Boot bypass, the shim project also bumped its SBAT revocation level for this CVE (`grub.peimage,2`, added in shim 16.0 — see the openSUSE shim advisory below); deployments that rely on Secure Boot should roll out that SBAT update as well as the GRUB package fix, since the package update alone does not revoke older signed GRUB images.
Severity (CVSS v3.1 base score assigned by the CNA, Canonical; vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H — local access with high privileges required, no user interaction)
6.7 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Debian | Debian based GNU GRUB |
Affected:
0 , < 2.12-1ubuntu5
(labelled "semver" in the record, but 2.12-1ubuntu5 is a Debian/Ubuntu package version string — match it with dpkg version ordering, not semver rules. The description attributes the bug to Debian/Ubuntu's downstream peimage module, so the gnu:grub2 CPE used by the NVD/CISA entries may over-match upstream GRUB builds that do not carry that module.)
|
Credits
Mate Kukri
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:52.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:grub2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "grub2",
"vendor": "gnu",
"versions": [
{
"lessThan": "2.12-1ubuntu5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2312",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T15:39:12.205993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T17:44:12.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "grub2",
"platforms": [
"Linux"
],
"product": "Debian based GNU GRUB",
"repo": "https://git.savannah.gnu.org/cgit/grub.git",
"vendor": "Debian",
"versions": [
{
"lessThan": "2.12-1ubuntu5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mate Kukri"
}
],
"descriptions": [
{
"lang": "en",
"value": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T09:06:32.801Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"tags": [
"issue-tracking"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2024-2312",
"datePublished": "2024-04-05T19:40:02.848Z",
"dateReserved": "2024-03-07T23:53:27.661Z",
"dateUpdated": "2025-02-13T17:33:46.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-2312",
"date": "2026-04-15",
"epss": "0.00021",
"percentile": "0.0548"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.\"}, {\"lang\": \"es\", \"value\": \"GRUB2 no llama a las funciones fini del m\\u00f3dulo al salir, lo que hace que el m\\u00f3dulo peimage GRUB2 de Debian/Ubuntu deje los ganchos de la tabla del sistema UEFI despu\\u00e9s de la salida. Esto conduce a una condici\\u00f3n de use-after-free y posiblemente podr\\u00eda conducir a una omisi\\u00f3n de arranque segura.\"}]",
"id": "CVE-2024-2312",
"lastModified": "2024-11-21T09:09:29.133",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security@ubuntu.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}]}",
"published": "2024-04-05T20:15:09.020",
"references": "[{\"url\": \"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0003/\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-2312\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2024-04-05T20:15:09.020\",\"lastModified\":\"2025-08-26T17:17:34.323\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.\"},{\"lang\":\"es\",\"value\":\"GRUB2 no llama a las funciones fini del m\u00f3dulo al salir, lo que hace que el m\u00f3dulo peimage GRUB2 de Debian/Ubuntu deje los ganchos de la tabla del sistema UEFI despu\u00e9s de la salida. Esto conduce a una condici\u00f3n de use-after-free y posiblemente podr\u00eda conducir a una omisi\u00f3n de arranque segura.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12-1ubuntu5\",\"matchCriteriaId\":\"AB8E628D-0E77-406B-A205-1065F9680576\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"
95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]}],\"references\":[{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0003/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"packageName\": \"grub2\", \"product\": \"Debian based GNU GRUB\", \"vendor\": \"Debian\", \"repo\": \"https://git.savannah.gnu.org/cgit/grub.git\", \"platforms\": [\"Linux\"], \"versions\": [{\"lessThan\": \"2.12-1ubuntu5\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.\"}], \"references\": [{\"tags\": [\"issue-tracking\"], \"url\": \"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\"}, {\"tags\": [\"issue-tracking\"], \"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0003/\"}], \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Mate Kukri\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\"}}], \"providerMetadata\": {\"orgId\": \"cc1ad9ee-3454-478d-9317-d3e869d708bc\", \"shortName\": \"canonical\", \"dateUpdated\": \"2024-04-05T19:40:02.848Z\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T19:11:52.852Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"issue-tracking\", \"x_transferred\"], \"url\": \"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\"}, 
{\"tags\": [\"issue-tracking\", \"x_transferred\"], \"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0003/\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-2312\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-21T15:39:12.205993Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:gnu:grub2:-:*:*:*:*:*:*:*\"], \"vendor\": \"gnu\", \"product\": \"grub2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.12-1ubuntu5\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-21T15:40:09.796Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-2312\", \"assignerOrgId\": \"cc1ad9ee-3454-478d-9317-d3e869d708bc\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"canonical\", \"dateReserved\": \"2024-03-07T23:53:27.661Z\", \"datePublished\": \"2024-04-05T19:40:02.848Z\", \"dateUpdated\": \"2024-08-29T17:44:12.763Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
MSRC_CVE-2024-2312
Vulnerability from csaf_microsoft - Published: 2024-04-02 07:00 - Updated: 2026-02-18 14:06
Summary
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks installed after exit. This leads to a use-after-free condition and could possibly lead to a Secure Boot bypass.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
CWE-416
- Use After Free
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2312 GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-2312.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"tracking": {
"current_release_date": "2026-02-18T14:06:41.000Z",
"generator": {
"date": "2026-02-20T23:42:45.315Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-2312",
"initial_release_date": "2024-04-02T07:00:00.000Z",
"revision_history": [
{
"date": "2025-09-03T23:49:50.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T14:06:41.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "cbl2 grub2 2.06-14",
"product": {
"name": "cbl2 grub2 2.06-14",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "azl3 grub2 2.06-24",
"product": {
"name": "azl3 grub2 2.06-24",
"product_id": "2"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 grub2 2.06-14 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 grub2 2.06-24 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17086-1",
"17084-2"
]
}
],
"notes": [
{
"category": "general",
"text": "canonical",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17086-1",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2312 GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-2312.json"
}
],
"title": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass."
}
]
}
GSD-2024-2312
Vulnerability from gsd - Updated: 2024-03-08 06:02
Details
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks installed after exit. This leads to a use-after-free condition and could possibly lead to a Secure Boot bypass.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-2312"
],
"details": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"id": "GSD-2024-2312",
"modified": "2024-03-08T06:02:43.716911Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2024-2312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Debian based GNU GRUB",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "2.12-1ubuntu5"
}
]
}
}
]
},
"vendor_name": "Debian"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Mate Kukri"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312",
"refsource": "MISC",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"name": "https://security.netapp.com/advisory/ntap-20240426-0003/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass."
},
{
"lang": "es",
"value": "GRUB2 no llama a las funciones fini del m\u00f3dulo al salir, lo que hace que el m\u00f3dulo peimage GRUB2 de Debian/Ubuntu deje los ganchos de la tabla del sistema UEFI despu\u00e9s de la salida. Esto conduce a una condici\u00f3n de use-after-free y posiblemente podr\u00eda conducir a una omisi\u00f3n de arranque segura."
}
],
"id": "CVE-2024-2312",
"lastModified": "2024-04-26T09:15:12.073",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "security@ubuntu.com",
"type": "Secondary"
}
]
},
"published": "2024-04-05T20:15:09.020",
"references": [
{
"source": "security@ubuntu.com",
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"source": "security@ubuntu.com",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"source": "security@ubuntu.com",
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Awaiting Analysis"
}
}
}
}
GHSA-975V-WJ6R-FGJ8
Vulnerability from github – Published: 2024-04-05 21:32 – Updated: 2024-04-26 09:30
Details
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks installed after exit. This leads to a use-after-free condition and could possibly lead to a Secure Boot bypass.
Severity (CVSS v3.1, same vector as the CVE record: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H; this GHSA entry is not GitHub-reviewed)
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-2312"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-05T20:15:09Z",
"severity": "MODERATE"
},
"details": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"id": "GHSA-975v-wj6r-fgj8",
"modified": "2024-04-26T09:30:33Z",
"published": "2024-04-05T21:32:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2312"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"type": "WEB",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240426-0003"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
OPENSUSE-RU-2026:20325-1
Vulnerability from csaf_opensuse - Published: 2026-03-05 14:21 - Updated: 2026-03-05 14:21
Summary
Recommended update for shim
Severity
Moderate
Notes
Title of the patch: Recommended update for shim
Description of the patch: This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
Patchnames: openSUSE-Leap-16.0-358
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for shim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for shim fixes the following issues:\n\nThis update for shim fixes the following issues:\n\nshim is updated to version 16.1:\n\n- shim_start_image(): fix guid/handle pairing when uninstalling protocols\n- Fix uncompressed ipv6 netboot\n- fix test segfaults caused by uninitialized memory\n- SbatLevel_Variable.txt: minor typo fix.\n- Realloc() needs to allocate one more byte for sprintf()\n- IPv6: Add more check to avoid multiple double colon and illegal char\n- Loader proto v2\n- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages\n- Generate Authenticode for the entire PE file\n- README: mention new loader protocol and interaction with UKIs\n- shim: change automatically enable MOK_POLICY_REQUIRE_NX\n- Save var info\n- add SbatLevel entry 2025051000 for PSA-2025-00012-1\n- Coverity fixes 20250804\n- fix http boot\n- Fix double free and leak in the loader protocol\n\n\nshim is updated to version 16.0:\n\n\n- Validate that a supplied vendor cert is not in PEM format\n- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)\n- sbat: Also bump latest for grub,4 (and to todays date)\n- undo change that limits certificate files to a single file\n- shim: don\u0027t set second_stage to the empty string\n- Fix SBAT.md for today\u0027s consensus about numbers\n- Update Code of Conduct contact address\n- make-certs: Handle missing OpenSSL installation\n- Update MokVars.txt\n- export DEFINES for sub makefile\n- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition\n- Null-terminate \u0027arguments\u0027 in fallback\n- Fix \"Verifiying\" typo in error message\n- Update Fedora CI targets\n- Force gcc to produce DWARF4 so that gdb can use it\n- Minor housekeeping 2024121700\n- Discard load-options that start with WINDOWS\n- Fix the issue that the gBS-\u003eLoadImage pointer was empty.\n- shim: Allow data after the end of device path node in load options\n- Handle network file not found like disks\n- Update gnu-efi submodule for 
EFI_HTTP_ERROR\n- Increase EFI file alignment\n- avoid EFIv2 runtime services on Apple x86 machines\n- Improve shortcut performance when comparing two boolean expressions\n- Provide better error message when MokManager is not found\n- tpm: Boot with a warning if the event log is full\n- MokManager: remove redundant logical constraints\n- Test import_mok_state() when MokListRT would be bigger than available size\n- test-mok-mirror: minor bug fix\n- Fix file system browser hang when enrolling MOK from disk\n- Ignore a minor clang-tidy nit\n- Allow fallback to default loader when encountering errors on network boot\n- test.mk: don\u0027t use a temporary random.bin\n- pe: Enhance debug report for update_mem_attrs\n- Multiple certificate handling improvements\n- Generate SbatLevel Metadata from SbatLevel_Variable.txt\n- Apply EKU check with compile option\n- Add configuration option to boot an alternative 2nd stage\n- Loader protocol (with Device Path resolution support)\n- netboot cleanup for additional files\n- Document how revocations can be delivered\n- post-process-pe: add tests to validate NX compliance\n- regression: CopyMem() in ad8692e copies out of bounds\n- Save the debug and error logs in mok-variables\n- Add features for the Host Security ID program\n- Mirror some more efi variables to mok-variables\n- This adds DXE Services measurements to HSI and uses them for NX\n- Add shim\u0027s current NX_COMPAT status to HSIStatus\n- README.tpm: reflect that vendor_db is in fact logged as \"vendor_db\"\n- Reject HTTP message with duplicate Content-Length header fields\n- Disable log saving\n- fallback: don\u0027t add new boot order entries backwards\n- README.tpm: Update MokList entry to MokListRT\n- SBAT Level update for February 2025 GRUB CVEs\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-358",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-ru-2026_20325-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1205588",
"url": "https://bugzilla.suse.com/1205588"
},
{
"category": "self",
"summary": "SUSE Bug 1247432",
"url": "https://bugzilla.suse.com/1247432"
},
{
"category": "self",
"summary": "SUSE Bug 1254336",
"url": "https://bugzilla.suse.com/1254336"
},
{
"category": "self",
"summary": "SUSE Bug 1254679",
"url": "https://bugzilla.suse.com/1254679"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2312/"
}
],
"title": "Recommended update for shim",
"tracking": {
"current_release_date": "2026-03-05T14:21:04Z",
"generator": {
"date": "2026-03-05T14:21:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-RU-2026:20325-1",
"initial_release_date": "2026-03-05T14:21:04Z",
"revision_history": [
{
"date": "2026-03-05T14:21:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-160000.1.1.aarch64",
"product": {
"name": "shim-16.1-160000.1.1.aarch64",
"product_id": "shim-16.1-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-160000.1.1.x86_64",
"product": {
"name": "shim-16.1-160000.1.1.x86_64",
"product_id": "shim-16.1-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:shim-16.1-160000.1.1.aarch64"
},
"product_reference": "shim-16.1-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:shim-16.1-160000.1.1.x86_64"
},
"product_reference": "shim-16.1-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2312"
}
],
"notes": [
{
"category": "general",
"text": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This leads to a use-after-free condition, and could possibly lead to secure boot bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:shim-16.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:shim-16.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2312",
"url": "https://www.suse.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1222868 for CVE-2024-2312",
"url": "https://bugzilla.suse.com/1222868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:shim-16.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:shim-16.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:shim-16.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:shim-16.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-05T14:21:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-2312"
}
]
}
SUSE-SU-2026:0741-1
Vulnerability from csaf_suse - Published: 2026-03-02 08:11 - Updated: 2026-03-02 08:11
Summary
Security update for shim
Severity
Moderate
Notes
Title of the patch: Security update for shim
Description of the patch:
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix 'Verifiying' typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as 'vendor_db'
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
Patchnames: SUSE-2026-741,SUSE-SLE-Micro-5.3-2026-741,SUSE-SLE-Micro-5.4-2026-741,SUSE-SLE-Micro-5.5-2026-741,SUSE-SLE-Module-Basesystem-15-SP7-2026-741,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-741,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-741,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-741,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-741,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-741,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-741,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-741,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-741,SUSE-SUSE-MicroOS-5.2-2026-741,openSUSE-SLE-15.6-2026-741
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for shim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for shim fixes the following issues:\n\nshim is updated to version 16.1:\n\n- shim_start_image(): fix guid/handle pairing when uninstalling protocols\n- Fix uncompressed ipv6 netboot\n- fix test segfaults caused by uninitialized memory\n- SbatLevel_Variable.txt: minor typo fix.\n- Realloc() needs to allocate one more byte for sprintf()\n- IPv6: Add more check to avoid multiple double colon and illegal char\n- Loader proto v2\n- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages\n- Generate Authenticode for the entire PE file\n- README: mention new loader protocol and interaction with UKIs\n- shim: change automatically enable MOK_POLICY_REQUIRE_NX\n- Save var info\n- add SbatLevel entry 2025051000 for PSA-2025-00012-1\n- Coverity fixes 20250804\n- fix http boot\n- Fix double free and leak in the loader protocol\n\n\nshim is updated to version 16.0:\n\n\n- Validate that a supplied vendor cert is not in PEM format\n- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)\n- sbat: Also bump latest for grub,4 (and to todays date)\n- undo change that limits certificate files to a single file\n- shim: don\u0027t set second_stage to the empty string\n- Fix SBAT.md for today\u0027s consensus about numbers\n- Update Code of Conduct contact address\n- make-certs: Handle missing OpenSSL installation\n- Update MokVars.txt\n- export DEFINES for sub makefile\n- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition\n- Null-terminate \u0027arguments\u0027 in fallback\n- Fix \u0027Verifiying\u0027 typo in error message\n- Update Fedora CI targets\n- Force gcc to produce DWARF4 so that gdb can use it\n- Minor housekeeping 2024121700\n- Discard load-options that start with WINDOWS\n- Fix the issue that the gBS-\u003eLoadImage pointer was empty.\n- shim: Allow data after the end of device path node in load options\n- Handle network file not found like disks\n- Update gnu-efi submodule for EFI_HTTP_ERROR\n- Increase EFI file alignment\n- avoid EFIv2 runtime services on Apple x86 machines\n- Improve shortcut performance when comparing two boolean expressions\n- Provide better error message when MokManager is not found\n- tpm: Boot with a warning if the event log is full\n- MokManager: remove redundant logical constraints\n- Test import_mok_state() when MokListRT would be bigger than available size\n- test-mok-mirror: minor bug fix\n- Fix file system browser hang when enrolling MOK from disk\n- Ignore a minor clang-tidy nit\n- Allow fallback to default loader when encountering errors on network boot\n- test.mk: don\u0027t use a temporary random.bin\n- pe: Enhance debug report for update_mem_attrs\n- Multiple certificate handling improvements\n- Generate SbatLevel Metadata from SbatLevel_Variable.txt\n- Apply EKU check with compile option\n- Add configuration option to boot an alternative 2nd stage\n- Loader protocol (with Device Path resolution support)\n- netboot cleanup for additional files\n- Document how revocations can be delivered\n- post-process-pe: add tests to validate NX compliance\n- regression: CopyMem() in ad8692e copies out of bounds\n- Save the debug and error logs in mok-variables\n- Add features for the Host Security ID program\n- Mirror some more efi variables to mok-variables\n- This adds DXE Services measurements to HSI and uses them for NX\n- Add shim\u0027s current NX_COMPAT status to HSIStatus\n- README.tpm: reflect that vendor_db is in fact logged as \u0027vendor_db\u0027\n- Reject HTTP message with duplicate Content-Length header fields\n- Disable log saving\n- fallback: don\u0027t add new boot order entries backwards\n- README.tpm: Update MokList entry to MokListRT\n- SBAT Level update for February 2025 GRUB CVEs\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-741,SUSE-SLE-Micro-5.3-2026-741,SUSE-SLE-Micro-5.4-2026-741,SUSE-SLE-Micro-5.5-2026-741,SUSE-SLE-Module-Basesystem-15-SP7-2026-741,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-741,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-741,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-741,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-741,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-741,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-741,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-741,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-741,SUSE-SUSE-MicroOS-5.2-2026-741,openSUSE-SLE-15.6-2026-741",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0741-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0741-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260741-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0741-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024522.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240871",
"url": "https://bugzilla.suse.com/1240871"
},
{
"category": "self",
"summary": "SUSE Bug 1247432",
"url": "https://bugzilla.suse.com/1247432"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2312/"
}
],
"title": "Security update for shim",
"tracking": {
"current_release_date": "2026-03-02T08:11:15Z",
"generator": {
"date": "2026-03-02T08:11:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0741-1",
"initial_release_date": "2026-03-02T08:11:15Z",
"revision_history": [
{
"date": "2026-03-02T08:11:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-150300.4.31.3.aarch64",
"product": {
"name": "shim-16.1-150300.4.31.3.aarch64",
"product_id": "shim-16.1-150300.4.31.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-150300.4.31.3.x86_64",
"product": {
"name": "shim-16.1-150300.4.31.3.x86_64",
"product_id": "shim-16.1-150300.4.31.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:shim-16.1-150300.4.31.3.aarch64"
},
"product_reference": "shim-16.1-150300.4.31.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-150300.4.31.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:shim-16.1-150300.4.31.3.x86_64"
},
"product_reference": "shim-16.1-150300.4.31.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2312"
}
],
"notes": [
{
"category": "general",
"text": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This leads to a use-after-free condition, and could possibly lead to secure boot bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:shim-16.1-150300.4.31.3.x86_64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.aarch64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2312",
"url": "https://www.suse.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1222868 for CVE-2024-2312",
"url": "https://bugzilla.suse.com/1222868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:shim-16.1-150300.4.31.3.x86_64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.aarch64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.2:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.3:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Micro 5.5:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:shim-16.1-150300.4.31.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:shim-16.1-150300.4.31.3.x86_64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.aarch64",
"openSUSE Leap 15.6:shim-16.1-150300.4.31.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-02T08:11:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-2312"
}
]
}
SUSE-RU-2026:20056-1
Vulnerability from csaf_suse - Published: 2026-01-01 13:54 - Updated: 2026-01-01 13:54
Summary
Recommended update for shim
Severity
Important
Notes
Title of the patch: Recommended update for shim
Description of the patch: This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
Patchnames: SUSE-SLE-Micro-6.1-363
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium) — CVSS v3.1 base score for CVE-2024-2312 (vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H: local access and high privileges required, no user interaction, high impact on confidentiality, integrity and availability). Note that SUSE's aggregate rating for this advisory is "important" (see Severity above), which is higher than the CVSS label; triage on the vendor rating and on your Secure Boot exposure rather than on the CVSS severity word alone.
Vendor Fix
To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Practitioner note: this advisory (SUSE-RU-2026:20056-1) is a shim update, not a GRUB2 update. Its link to CVE-2024-2312 is the SBAT revocation entry "grub.peimage,2" added to shim's "latest" SbatLevel in the shim 16.0 changelog above; the vulnerable code named in the CVE description is the Debian/Ubuntu peimage GRUB2 module. After installing, confirm the shim package version matches the one listed for your product (shim-16.1-slfo.1.1_1.1 for SUSE Linux Micro 6.1) and, because SBAT levels are revocation data, verify that any other signed bootloaders or install media that must still boot on these hosts are not affected before rolling out broadly.
References
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external (SUSE ratings) |
| https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_20056-1.json | self (URL of this CSAF notice) |
| https://www.suse.com/support/update/announcement//suse-ru-202620056-1/ | self (URL for SUSE-RU-2026:20056-1) |
| https://lists.suse.com/pipermail/sle-updates/2026-January/043471.html | self (E-Mail link for SUSE-RU-2026:20056-1) |
| https://bugzilla.suse.com/1205588 | self (SUSE Bug 1205588) |
| https://bugzilla.suse.com/1247432 | self (SUSE Bug 1247432) |
| https://bugzilla.suse.com/1254336 | self (SUSE Bug 1254336) |
| https://bugzilla.suse.com/1254679 | self (SUSE Bug 1254679) |
| https://www.suse.com/security/cve/CVE-2024-2312/ | self (SUSE CVE CVE-2024-2312 page) |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for shim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for shim fixes the following issues:\n\nThis update for shim fixes the following issues:\n\nshim is updated to version 16.1:\n\n- shim_start_image(): fix guid/handle pairing when uninstalling protocols\n- Fix uncompressed ipv6 netboot\n- fix test segfaults caused by uninitialized memory\n- SbatLevel_Variable.txt: minor typo fix.\n- Realloc() needs to allocate one more byte for sprintf()\n- IPv6: Add more check to avoid multiple double colon and illegal char\n- Loader proto v2\n- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages\n- Generate Authenticode for the entire PE file\n- README: mention new loader protocol and interaction with UKIs\n- shim: change automatically enable MOK_POLICY_REQUIRE_NX\n- Save var info\n- add SbatLevel entry 2025051000 for PSA-2025-00012-1\n- Coverity fixes 20250804\n- fix http boot\n- Fix double free and leak in the loader protocol\n\n\nshim is updated to version 16.0:\n\n\n- Validate that a supplied vendor cert is not in PEM format\n- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)\n- sbat: Also bump latest for grub,4 (and to todays date)\n- undo change that limits certificate files to a single file\n- shim: don\u0027t set second_stage to the empty string\n- Fix SBAT.md for today\u0027s consensus about numbers\n- Update Code of Conduct contact address\n- make-certs: Handle missing OpenSSL installation\n- Update MokVars.txt\n- export DEFINES for sub makefile\n- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition\n- Null-terminate \u0027arguments\u0027 in fallback\n- Fix \"Verifiying\" typo in error message\n- Update Fedora CI targets\n- Force gcc to produce DWARF4 so that gdb can use it\n- Minor housekeeping 2024121700\n- Discard load-options that start with WINDOWS\n- Fix the issue that the gBS-\u003eLoadImage pointer was empty.\n- shim: Allow data after the end of device path node in load options\n- Handle network file not found like disks\n- Update gnu-efi submodule for 
EFI_HTTP_ERROR\n- Increase EFI file alignment\n- avoid EFIv2 runtime services on Apple x86 machines\n- Improve shortcut performance when comparing two boolean expressions\n- Provide better error message when MokManager is not found\n- tpm: Boot with a warning if the event log is full\n- MokManager: remove redundant logical constraints\n- Test import_mok_state() when MokListRT would be bigger than available size\n- test-mok-mirror: minor bug fix\n- Fix file system browser hang when enrolling MOK from disk\n- Ignore a minor clang-tidy nit\n- Allow fallback to default loader when encountering errors on network boot\n- test.mk: don\u0027t use a temporary random.bin\n- pe: Enhance debug report for update_mem_attrs\n- Multiple certificate handling improvements\n- Generate SbatLevel Metadata from SbatLevel_Variable.txt\n- Apply EKU check with compile option\n- Add configuration option to boot an alternative 2nd stage\n- Loader protocol (with Device Path resolution support)\n- netboot cleanup for additional files\n- Document how revocations can be delivered\n- post-process-pe: add tests to validate NX compliance\n- regression: CopyMem() in ad8692e copies out of bounds\n- Save the debug and error logs in mok-variables\n- Add features for the Host Security ID program\n- Mirror some more efi variables to mok-variables\n- This adds DXE Services measurements to HSI and uses them for NX\n- Add shim\u0027s current NX_COMPAT status to HSIStatus\n- README.tpm: reflect that vendor_db is in fact logged as \"vendor_db\"\n- Reject HTTP message with duplicate Content-Length header fields\n- Disable log saving\n- fallback: don\u0027t add new boot order entries backwards\n- README.tpm: Update MokList entry to MokListRT\n- SBAT Level update for February 2025 GRUB CVEs\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-363",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_20056-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:20056-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202620056-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:20056-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-January/043471.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205588",
"url": "https://bugzilla.suse.com/1205588"
},
{
"category": "self",
"summary": "SUSE Bug 1247432",
"url": "https://bugzilla.suse.com/1247432"
},
{
"category": "self",
"summary": "SUSE Bug 1254336",
"url": "https://bugzilla.suse.com/1254336"
},
{
"category": "self",
"summary": "SUSE Bug 1254679",
"url": "https://bugzilla.suse.com/1254679"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2312/"
}
],
"title": "Recommended update for shim",
"tracking": {
"current_release_date": "2026-01-01T13:54:36Z",
"generator": {
"date": "2026-01-01T13:54:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:20056-1",
"initial_release_date": "2026-01-01T13:54:36Z",
"revision_history": [
{
"date": "2026-01-01T13:54:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-slfo.1.1_1.1.aarch64",
"product": {
"name": "shim-16.1-slfo.1.1_1.1.aarch64",
"product_id": "shim-16.1-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-slfo.1.1_1.1.x86_64",
"product": {
"name": "shim-16.1-slfo.1.1_1.1.x86_64",
"product_id": "shim-16.1-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.aarch64"
},
"product_reference": "shim-16.1-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.x86_64"
},
"product_reference": "shim-16.1-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2312"
}
],
"notes": [
{
"category": "general",
"text": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2312",
"url": "https://www.suse.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1222868 for CVE-2024-2312",
"url": "https://bugzilla.suse.com/1222868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:shim-16.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-01T13:54:36Z",
"details": "moderate"
}
],
"title": "CVE-2024-2312"
}
]
}
SUSE-RU-2026:20004-1
Vulnerability from csaf_suse - Published: 2025-12-30 16:20 - Updated: 2025-12-30 16:20
Summary
Recommended update for shim
Severity
Important
Notes
Title of the patch: Recommended update for shim
Description of the patch: This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
Patchnames: SUSE-SLE-Micro-6.0-541
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium) — CVSS v3.1 base score for CVE-2024-2312 (vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H: local access and high privileges required, no user interaction, high impact on confidentiality, integrity and availability). Note that SUSE's aggregate rating for this advisory is "important" (see Severity above), which is higher than the CVSS label; triage on the vendor rating and on your Secure Boot exposure rather than on the CVSS severity word alone.
Vendor Fix
To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Practitioner note: this advisory (SUSE-RU-2026:20004-1) is a shim update, not a GRUB2 update. Its link to CVE-2024-2312 is the SBAT revocation entry "grub.peimage,2" added to shim's "latest" SbatLevel in the shim 16.0 changelog above; the vulnerable code named in the CVE description is the Debian/Ubuntu peimage GRUB2 module. After installing, confirm the shim package version matches the one listed for your product (shim-16.1-1.1 for SUSE Linux Micro 6.0) and, because SBAT levels are revocation data, verify that any other signed bootloaders or install media that must still boot on these hosts are not affected before rolling out broadly.
References
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external (SUSE ratings) |
| https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_20004-1.json | self (URL of this CSAF notice) |
| https://www.suse.com/support/update/announcement//suse-ru-202620004-1/ | self (URL for SUSE-RU-2026:20004-1) |
| https://lists.suse.com/pipermail/sle-updates/2026-January/043419.html | self (E-Mail link for SUSE-RU-2026:20004-1) |
| https://bugzilla.suse.com/1205588 | self (SUSE Bug 1205588) |
| https://bugzilla.suse.com/1247432 | self (SUSE Bug 1247432) |
| https://bugzilla.suse.com/1254336 | self (SUSE Bug 1254336) |
| https://bugzilla.suse.com/1254679 | self (SUSE Bug 1254679) |
| https://www.suse.com/security/cve/CVE-2024-2312/ | self (SUSE CVE CVE-2024-2312 page) |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for shim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for shim fixes the following issues:\n\nThis update for shim fixes the following issues:\n\nshim is updated to version 16.1:\n\n- shim_start_image(): fix guid/handle pairing when uninstalling protocols\n- Fix uncompressed ipv6 netboot\n- fix test segfaults caused by uninitialized memory\n- SbatLevel_Variable.txt: minor typo fix.\n- Realloc() needs to allocate one more byte for sprintf()\n- IPv6: Add more check to avoid multiple double colon and illegal char\n- Loader proto v2\n- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages\n- Generate Authenticode for the entire PE file\n- README: mention new loader protocol and interaction with UKIs\n- shim: change automatically enable MOK_POLICY_REQUIRE_NX\n- Save var info\n- add SbatLevel entry 2025051000 for PSA-2025-00012-1\n- Coverity fixes 20250804\n- fix http boot\n- Fix double free and leak in the loader protocol\n\n\nshim is updated to version 16.0:\n\n\n- Validate that a supplied vendor cert is not in PEM format\n- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)\n- sbat: Also bump latest for grub,4 (and to todays date)\n- undo change that limits certificate files to a single file\n- shim: don\u0027t set second_stage to the empty string\n- Fix SBAT.md for today\u0027s consensus about numbers\n- Update Code of Conduct contact address\n- make-certs: Handle missing OpenSSL installation\n- Update MokVars.txt\n- export DEFINES for sub makefile\n- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition\n- Null-terminate \u0027arguments\u0027 in fallback\n- Fix \"Verifiying\" typo in error message\n- Update Fedora CI targets\n- Force gcc to produce DWARF4 so that gdb can use it\n- Minor housekeeping 2024121700\n- Discard load-options that start with WINDOWS\n- Fix the issue that the gBS-\u003eLoadImage pointer was empty.\n- shim: Allow data after the end of device path node in load options\n- Handle network file not found like disks\n- Update gnu-efi submodule for 
EFI_HTTP_ERROR\n- Increase EFI file alignment\n- avoid EFIv2 runtime services on Apple x86 machines\n- Improve shortcut performance when comparing two boolean expressions\n- Provide better error message when MokManager is not found\n- tpm: Boot with a warning if the event log is full\n- MokManager: remove redundant logical constraints\n- Test import_mok_state() when MokListRT would be bigger than available size\n- test-mok-mirror: minor bug fix\n- Fix file system browser hang when enrolling MOK from disk\n- Ignore a minor clang-tidy nit\n- Allow fallback to default loader when encountering errors on network boot\n- test.mk: don\u0027t use a temporary random.bin\n- pe: Enhance debug report for update_mem_attrs\n- Multiple certificate handling improvements\n- Generate SbatLevel Metadata from SbatLevel_Variable.txt\n- Apply EKU check with compile option\n- Add configuration option to boot an alternative 2nd stage\n- Loader protocol (with Device Path resolution support)\n- netboot cleanup for additional files\n- Document how revocations can be delivered\n- post-process-pe: add tests to validate NX compliance\n- regression: CopyMem() in ad8692e copies out of bounds\n- Save the debug and error logs in mok-variables\n- Add features for the Host Security ID program\n- Mirror some more efi variables to mok-variables\n- This adds DXE Services measurements to HSI and uses them for NX\n- Add shim\u0027s current NX_COMPAT status to HSIStatus\n- README.tpm: reflect that vendor_db is in fact logged as \"vendor_db\"\n- Reject HTTP message with duplicate Content-Length header fields\n- Disable log saving\n- fallback: don\u0027t add new boot order entries backwards\n- README.tpm: Update MokList entry to MokListRT\n- SBAT Level update for February 2025 GRUB CVEs\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-541",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_20004-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:20004-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202620004-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:20004-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-January/043419.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205588",
"url": "https://bugzilla.suse.com/1205588"
},
{
"category": "self",
"summary": "SUSE Bug 1247432",
"url": "https://bugzilla.suse.com/1247432"
},
{
"category": "self",
"summary": "SUSE Bug 1254336",
"url": "https://bugzilla.suse.com/1254336"
},
{
"category": "self",
"summary": "SUSE Bug 1254679",
"url": "https://bugzilla.suse.com/1254679"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2312/"
}
],
"title": "Recommended update for shim",
"tracking": {
"current_release_date": "2025-12-30T16:20:45Z",
"generator": {
"date": "2025-12-30T16:20:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:20004-1",
"initial_release_date": "2025-12-30T16:20:45Z",
"revision_history": [
{
"date": "2025-12-30T16:20:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-1.1.aarch64",
"product": {
"name": "shim-16.1-1.1.aarch64",
"product_id": "shim-16.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-1.1.x86_64",
"product": {
"name": "shim-16.1-1.1.x86_64",
"product_id": "shim-16.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:shim-16.1-1.1.aarch64"
},
"product_reference": "shim-16.1-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:shim-16.1-1.1.x86_64"
},
"product_reference": "shim-16.1-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2312"
}
],
"notes": [
{
"category": "general",
"text": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:shim-16.1-1.1.aarch64",
"SUSE Linux Micro 6.0:shim-16.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2312",
"url": "https://www.suse.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1222868 for CVE-2024-2312",
"url": "https://bugzilla.suse.com/1222868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:shim-16.1-1.1.aarch64",
"SUSE Linux Micro 6.0:shim-16.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:shim-16.1-1.1.aarch64",
"SUSE Linux Micro 6.0:shim-16.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-30T16:20:45Z",
"details": "moderate"
}
],
"title": "CVE-2024-2312"
}
]
}
SUSE-RU-2026:20683-1
Vulnerability from csaf_suse - Published: 2026-03-05 14:21 - Updated: 2026-03-05 14:21
Summary
Recommended update for shim
Severity
Moderate
Notes
Title of the patch: Recommended update for shim
Description of the patch: This update for shim fixes the following issues:
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312) — an SBAT revocation entry: this shim update does not patch GRUB itself, it raises the level at which older peimage-enabled GRUB builds are refused once that SbatLevel is applied
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
Patchnames: SUSE-SL-Micro-6.2-358
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for shim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for shim fixes the following issues:\n\nThis update for shim fixes the following issues:\n\nshim is updated to version 16.1:\n\n- shim_start_image(): fix guid/handle pairing when uninstalling protocols\n- Fix uncompressed ipv6 netboot\n- fix test segfaults caused by uninitialized memory\n- SbatLevel_Variable.txt: minor typo fix.\n- Realloc() needs to allocate one more byte for sprintf()\n- IPv6: Add more check to avoid multiple double colon and illegal char\n- Loader proto v2\n- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages\n- Generate Authenticode for the entire PE file\n- README: mention new loader protocol and interaction with UKIs\n- shim: change automatically enable MOK_POLICY_REQUIRE_NX\n- Save var info\n- add SbatLevel entry 2025051000 for PSA-2025-00012-1\n- Coverity fixes 20250804\n- fix http boot\n- Fix double free and leak in the loader protocol\n\n\nshim is updated to version 16.0:\n\n\n- Validate that a supplied vendor cert is not in PEM format\n- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)\n- sbat: Also bump latest for grub,4 (and to todays date)\n- undo change that limits certificate files to a single file\n- shim: don\u0027t set second_stage to the empty string\n- Fix SBAT.md for today\u0027s consensus about numbers\n- Update Code of Conduct contact address\n- make-certs: Handle missing OpenSSL installation\n- Update MokVars.txt\n- export DEFINES for sub makefile\n- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition\n- Null-terminate \u0027arguments\u0027 in fallback\n- Fix \"Verifiying\" typo in error message\n- Update Fedora CI targets\n- Force gcc to produce DWARF4 so that gdb can use it\n- Minor housekeeping 2024121700\n- Discard load-options that start with WINDOWS\n- Fix the issue that the gBS-\u003eLoadImage pointer was empty.\n- shim: Allow data after the end of device path node in load options\n- Handle network file not found like disks\n- Update gnu-efi submodule for 
EFI_HTTP_ERROR\n- Increase EFI file alignment\n- avoid EFIv2 runtime services on Apple x86 machines\n- Improve shortcut performance when comparing two boolean expressions\n- Provide better error message when MokManager is not found\n- tpm: Boot with a warning if the event log is full\n- MokManager: remove redundant logical constraints\n- Test import_mok_state() when MokListRT would be bigger than available size\n- test-mok-mirror: minor bug fix\n- Fix file system browser hang when enrolling MOK from disk\n- Ignore a minor clang-tidy nit\n- Allow fallback to default loader when encountering errors on network boot\n- test.mk: don\u0027t use a temporary random.bin\n- pe: Enhance debug report for update_mem_attrs\n- Multiple certificate handling improvements\n- Generate SbatLevel Metadata from SbatLevel_Variable.txt\n- Apply EKU check with compile option\n- Add configuration option to boot an alternative 2nd stage\n- Loader protocol (with Device Path resolution support)\n- netboot cleanup for additional files\n- Document how revocations can be delivered\n- post-process-pe: add tests to validate NX compliance\n- regression: CopyMem() in ad8692e copies out of bounds\n- Save the debug and error logs in mok-variables\n- Add features for the Host Security ID program\n- Mirror some more efi variables to mok-variables\n- This adds DXE Services measurements to HSI and uses them for NX\n- Add shim\u0027s current NX_COMPAT status to HSIStatus\n- README.tpm: reflect that vendor_db is in fact logged as \"vendor_db\"\n- Reject HTTP message with duplicate Content-Length header fields\n- Disable log saving\n- fallback: don\u0027t add new boot order entries backwards\n- README.tpm: Update MokList entry to MokListRT\n- SBAT Level update for February 2025 GRUB CVEs\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-358",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_20683-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:20683-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202620683-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:20683-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-March/044785.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205588",
"url": "https://bugzilla.suse.com/1205588"
},
{
"category": "self",
"summary": "SUSE Bug 1247432",
"url": "https://bugzilla.suse.com/1247432"
},
{
"category": "self",
"summary": "SUSE Bug 1254336",
"url": "https://bugzilla.suse.com/1254336"
},
{
"category": "self",
"summary": "SUSE Bug 1254679",
"url": "https://bugzilla.suse.com/1254679"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2312/"
}
],
"title": "Recommended update for shim",
"tracking": {
"current_release_date": "2026-03-05T14:21:04Z",
"generator": {
"date": "2026-03-05T14:21:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:20683-1",
"initial_release_date": "2026-03-05T14:21:04Z",
"revision_history": [
{
"date": "2026-03-05T14:21:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-160000.1.1.aarch64",
"product": {
"name": "shim-16.1-160000.1.1.aarch64",
"product_id": "shim-16.1-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "shim-16.1-160000.1.1.x86_64",
"product": {
"name": "shim-16.1-160000.1.1.x86_64",
"product_id": "shim-16.1-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:shim-16.1-160000.1.1.aarch64"
},
"product_reference": "shim-16.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shim-16.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:shim-16.1-160000.1.1.x86_64"
},
"product_reference": "shim-16.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2312"
}
],
"notes": [
{
"category": "general",
"text": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2312",
"url": "https://www.suse.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1222868 for CVE-2024-2312",
"url": "https://bugzilla.suse.com/1222868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:shim-16.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-05T14:21:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-2312"
}
]
}
CNVD-2025-12120
Vulnerability from cnvd - Published: 2025-06-10
Title
GNU GRUB2释放后重用漏洞
Description
GNU GRUB2是美国GNU社区的一款Linux系统引导程序。
GNU GRUB2存在释放后重用漏洞，该漏洞源于程序负责释放内存的指令发生混乱。攻击者可利用该漏洞导致程序崩溃，任意代码执行等。
Severity
中
Patch Name
GNU GRUB2释放后重用漏洞的补丁
Patch Description
GNU GRUB2是美国GNU社区的一款Linux系统引导程序。
GNU GRUB2存在释放后重用漏洞，该漏洞源于程序负责释放内存的指令发生混乱。攻击者可利用该漏洞导致程序崩溃，任意代码执行等。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。
Formal description
目前厂商已发布升级程序修复该安全问题,详情见厂商官网: https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127
Reference
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004
Impacted products
| Name | GNU GRUB2 |
|---|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-2312",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-2312"
}
},
"description": "GNU GRUB2\u662f\u7f8e\u56fdGNU\u793e\u533a\u7684\u4e00\u6b3eLinux\u7cfb\u7edf\u5f15\u5bfc\u7a0b\u5e8f\u3002\n\nGNU GRUB2\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u8d1f\u8d23\u91ca\u653e\u5185\u5b58\u7684\u6307\u4ee4\u53d1\u751f\u6df7\u4e71\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4efb\u610f\u4ee3\u7801\u6267\u884c\u7b49\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-12120",
"openTime": "2025-06-10",
"patchDescription": "GNU GRUB2\u662f\u7f8e\u56fdGNU\u793e\u533a\u7684\u4e00\u6b3eLinux\u7cfb\u7edf\u5f15\u5bfc\u7a0b\u5e8f\u3002\r\n\r\nGNU GRUB2\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u8d1f\u8d23\u91ca\u653e\u5185\u5b58\u7684\u6307\u4ee4\u53d1\u751f\u6df7\u4e71\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4efb\u610f\u4ee3\u7801\u6267\u884c\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "GNU GRUB2\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "GNU GRUB2"
},
"referenceLink": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004",
"serverity": "\u4e2d",
"submitTime": "2024-04-10",
"title": "GNU GRUB2\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e"
}
FKIE_CVE-2024-2312
Vulnerability from fkie_nvd - Published: 2024-04-05 20:15 - Updated: 2025-08-26 17:17
Summary
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This leads to a use-after-free condition, and could possibly lead to a secure boot bypass.
References
| URL | Tags | ||
|---|---|---|---|
| security@ubuntu.com | https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127 | Exploit, Issue Tracking, Patch | |
| security@ubuntu.com | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312 | Third Party Advisory | |
| security@ubuntu.com | https://security.netapp.com/advisory/ntap-20240426-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127 | Exploit, Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240426-0003/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | grub2 | * | |
| netapp | bootstrap_os | - | |
| netapp | hci_compute_node | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8E628D-0E77-406B-A205-1065F9680576",
"versionEndExcluding": "2.12-1ubuntu5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu\u0027s peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass."
},
{
"lang": "es",
"value": "GRUB2 no llama a las funciones fini del m\u00f3dulo al salir, lo que hace que el m\u00f3dulo peimage GRUB2 de Debian/Ubuntu deje los ganchos de la tabla del sistema UEFI despu\u00e9s de la salida. Esto conduce a una condici\u00f3n de use-after-free y posiblemente podr\u00eda conducir a una omisi\u00f3n de arranque segura."
}
],
"id": "CVE-2024-2312",
"lastModified": "2025-08-26T17:17:34.323",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "security@ubuntu.com",
"type": "Secondary"
}
]
},
"published": "2024-04-05T20:15:09.020",
"references": [
{
"source": "security@ubuntu.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0003/"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
BDU:2024-09480
Vulnerability from fstec - Published: 05.04.2024
Title
Уязвимость модуля peimage загрузчика операционных систем Grub2, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Description
Уязвимость модуля peimage загрузчика операционных систем Grub2 связана с возможностью использования памяти после освобождения. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Vendor
ООО «РусБИТех-Астра», Erich Boleyn, АО "НППКТ"
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Grub2, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
1.8 (Astra Linux Special Edition), до 2.12 rc1-10ubuntu4.2 (Grub2), до 2.12 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
Для Grub2:
https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127
Обновление программного обеспечения shim до версии 15.8-1~deb10u1
Для ОС Astra Linux:
обновить пакет grub2 до 2.12-1+1astra3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-1113SE18
Reference
https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127
https://access.redhat.com/security/cve/cve-2024-2312
https://security-tracker.debian.org/tracker/CVE-2024-2312
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-1113SE18
CWE
CWE-416
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Erich Boleyn, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.8 (Astra Linux Special Edition), \u0434\u043e 2.12 rc1-10ubuntu4.2 (Grub2), \u0434\u043e 2.12 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Grub2:\nhttps://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f shim \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 15.8-1~deb10u1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 grub2 \u0434\u043e 2.12-1+1astra3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-1113SE18",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "26.11.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.11.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-09480",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-2312",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Grub2, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu - , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.12 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f peimage \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Grub2, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f peimage \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Grub2 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127\nhttps://access.redhat.com/security/cve/cve-2024-2312\nhttps://security-tracker.debian.org/tracker/CVE-2024-2312\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-1113SE18",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,7)"
}
WID-SEC-W-2024-0805
Vulnerability from csaf_certbund - Published: 2024-04-07 22:00 - Updated: 2024-04-07 22:00
Summary
Grub2: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Grand Unified Bootloader (Grub) ist ein freies Bootloader-Programm des GNU Projekts.
Angriff: Ein lokaler Angreifer kann eine Schwachstelle in Grub2 ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Linux
- UNIX
Es besteht eine Schwachstelle in Grub2. Dieser Fehler besteht aufgrund eines Use-after-free-Problems in den fini-Funktionen des Moduls, das nach dem Beenden Hooks in der UEFI-Systemtabelle hinterlässt. Ein lokaler, privilegierter Angreifer kann diese Schwachstelle ausnutzen, um die sichere Boot-Funktion zu umgehen und somit Sicherheitsmaßnahmen zu umgehen.
References
| URL | Category | |
|---|---|---|
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Grand Unified Bootloader (Grub) ist ein freies Bootloader-Programm des GNU Projekts.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in Grub2 ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0805 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0805.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0805 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0805"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-04-07",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273912"
},
{
"category": "external",
"summary": "RedHat Customer Portal vom 2024-04-07",
"url": "https://access.redhat.com/security/cve/CVE-2024-2312"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-04-07",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2312"
}
],
"source_lang": "en-US",
"title": "Grub2: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2024-04-07T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:22.547+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0805",
"initial_release_date": "2024-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2",
"product": {
"name": "Open Source Grub 2",
"product_id": "T015539",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:grub:2"
}
}
}
],
"category": "product_name",
"name": "Grub"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2312",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Grub2. Dieser Fehler besteht aufgrund eines Use-after-free-Problems in den fini-Funktionen des Moduls, das nach dem Beenden Hooks in der UEFI-Systemtabelle hinterl\u00e4sst. Ein lokaler, privilegierter Angreifer kann diese Schwachstelle ausnutzen, um die sichere Boot-Funktion zu umgehen und somit Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015539"
]
},
"release_date": "2024-04-07T22:00:00.000+00:00",
"title": "CVE-2024-2312"
}
]
}