Security Vulnerability: Boothole November 2022 / Boothole 4
This document (000021048) is provided subject to the disclaimer at the end of this document.
Environment
For a comprehensive list of affected products please visit the SUSE CVE announcements:
https://www.suse.com/security/cve/CVE-2022-2601
https://www.suse.com/security/cve/CVE-2022-3775
Situation
Grub developers and security researchers have identified more security relevant bugs in the grub2 bootloader, which could be used by local attackers to circumvent the secure boot chain. This vulnerability has similar effects and considerations as the original Boothole, Boothole 2 and Boothole 3 issues.
For regular users with their machine under full control this is less of an issue as on scenarios relying on secure boot, like public systems.
For regular users with their machine under full control this is less of an issue as on scenarios relying on secure boot, like public systems.
Resolution
Security issues addressed:
- CVE-2022-2601: A crafted PF2 font could cause a buffer overflow in grub_font_construct_glyph.
- CVE-2022-3775: Fixed an integer underflow in blit_comb() font handling.
These security issues require attackers to supply crafted fonts to grub2, which is unlikely in common local scenarios, but can allow bypassing secure boot chain.
SUSE has:
- Switched to a new secure boot signing key for secure boot signed artefacts in March 2023.
The new key was published on https://www.suse.com/support/security/keys/
- Released grub2 updates, with incremented SBAT revision on x86_64 and also signed with the new secure boot key to allow disabling it on IBM Z and IBM Power in March 2023.
- Released Linux Kernel Updates signed with the new signing key in March 2023.
- Released various other secure boot signed artefact packages, like s390-tools, fwupd, fwupdate in March and April 2023.
- CVE-2022-2601: A crafted PF2 font could cause a buffer overflow in grub_font_construct_glyph.
- CVE-2022-3775: Fixed an integer underflow in blit_comb() font handling.
These security issues require attackers to supply crafted fonts to grub2, which is unlikely in common local scenarios, but can allow bypassing secure boot chain.
SUSE has:
- Switched to a new secure boot signing key for secure boot signed artefacts in March 2023.
The new key was published on https://www.suse.com/support/security/keys/
- Released grub2 updates, with incremented SBAT revision on x86_64 and also signed with the new secure boot key to allow disabling it on IBM Z and IBM Power in March 2023.
- Released Linux Kernel Updates signed with the new signing key in March 2023.
- Released various other secure boot signed artefact packages, like s390-tools, fwupd, fwupdate in March and April 2023.
Status
Security Alert
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021048
- Creation Date: 20-Apr-2023
- Modified Date:20-Apr-2023
-
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server for SAP Applications
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
