CLSA-2022-1669388927

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2022-1669388927
Upstream
Published
2022-11-25T15:08:47Z
Modified
2026-05-27T11:33:31.922550938Z
Summary
grub2: Fix of 7 CVEs
Details
  • CVE-2021-3981: Fix default privileges of grub.cfg file
  • CVE-2022-28736: Fix use-after-free bug when grubcmdchainloader is executed more than once before a boot attempt is performed.
  • CVE-2021-3695: Drop greyscale support to fix heap out-of-bounds write
  • CVE-2021-3696: Fix out of range insertion into huffman table
  • CVE-2021-3697: Fix integer undeflow which resulted in wild pointer write
  • CVE-2022-28733: Fix integer underflow which resulted in subsequent unpleasantness
  • CVE-2022-28734: Fix erros in handling of split http headers
References

Affected packages

TuxCare:CentOS:8.4
grub2-common

Package

Name
grub2-common
Purl
pkg:rpm/tuxcare/grub2-common?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-ia32

Package

Name
grub2-efi-ia32
Purl
pkg:rpm/tuxcare/grub2-efi-ia32?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-ia32-cdboot

Package

Name
grub2-efi-ia32-cdboot
Purl
pkg:rpm/tuxcare/grub2-efi-ia32-cdboot?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-ia32-modules

Package

Name
grub2-efi-ia32-modules
Purl
pkg:rpm/tuxcare/grub2-efi-ia32-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-x64

Package

Name
grub2-efi-x64
Purl
pkg:rpm/tuxcare/grub2-efi-x64?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-x64-cdboot

Package

Name
grub2-efi-x64-cdboot
Purl
pkg:rpm/tuxcare/grub2-efi-x64-cdboot?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-efi-x64-modules

Package

Name
grub2-efi-x64-modules
Purl
pkg:rpm/tuxcare/grub2-efi-x64-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-pc

Package

Name
grub2-pc
Purl
pkg:rpm/tuxcare/grub2-pc?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-pc-modules

Package

Name
grub2-pc-modules
Purl
pkg:rpm/tuxcare/grub2-pc-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-tools

Package

Name
grub2-tools
Purl
pkg:rpm/tuxcare/grub2-tools?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-tools-efi

Package

Name
grub2-tools-efi
Purl
pkg:rpm/tuxcare/grub2-tools-efi?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-tools-extra

Package

Name
grub2-tools-extra
Purl
pkg:rpm/tuxcare/grub2-tools-extra?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"
grub2-tools-minimal

Package

Name
grub2-tools-minimal
Purl
pkg:rpm/tuxcare/grub2-tools-minimal?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.02-106.el8.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1669388927.json"