{"schema_version":"1.7.2","id":"OESA-2024-1700","modified":"2024-06-07T11:08:14Z","published":"2024-06-07T11:08:14Z","upstream":["CVE-2021-46848"],"summary":"grub2 security update","details":"GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn.\r\n\r\nSecurity Fix(es):\r\n\r\nGNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.(CVE-2021-46848)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP3","name":"grub2","purl":"pkg:rpm/openEuler/grub2\u0026distro=openEuler-22.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-46.oe2203sp3"}]}],"ecosystem_specific":{"aarch64":["grub2-tools-extra-2.06-46.oe2203sp3.aarch64.rpm","grub2-debugsource-2.06-46.oe2203sp3.aarch64.rpm","grub2-tools-2.06-46.oe2203sp3.aarch64.rpm","grub2-efi-aa64-2.06-46.oe2203sp3.aarch64.rpm","grub2-debuginfo-2.06-46.oe2203sp3.aarch64.rpm","grub2-efi-aa64-cdboot-2.06-46.oe2203sp3.aarch64.rpm","grub2-tools-minimal-2.06-46.oe2203sp3.aarch64.rpm"],"noarch":["grub2-pc-modules-2.06-46.oe2203sp3.noarch.rpm","grub2-efi-ia32-modules-2.06-46.oe2203sp3.noarch.rpm","grub2-efi-x64-modules-2.06-46.oe2203sp3.noarch.rpm","grub2-efi-aa64-modules-2.06-46.oe2203sp3.noarch.rpm","grub2-help-2.06-46.oe2203sp3.noarch.rpm","grub2-common-2.06-46.oe2203sp3.noarch.rpm"],"src":["grub2-2.06-46.oe2203sp3.src.rpm"],"x86_64":["grub2-tools-extra-2.06-46.oe2203sp3.x86_64.rpm","grub2-pc-2.06-46.oe2203sp3.x86_64.rpm","grub2-efi-x64-cdboot-2.06-46.oe2203sp3.x86_64.rpm","grub2-tools-2.06-46.oe2203sp3.x86_64.rpm","grub2-efi-ia32-2.06-46.oe2203sp3.x86_64.rpm","grub2-tools-efi-2.06-46.oe2203sp3.x86_64.rpm","grub2-efi-x64-2.06-46.oe2203sp3.x86_64.rpm","grub2-efi-ia32-cdboot-2.06-46.oe2203sp3.x86_64.rpm","grub2-debuginfo-2.06-46.oe2203sp3.x86_64.rpm","grub2-debugsource-2.06-46.oe2203sp3.x86_64.rpm","grub2-tools-minimal-2.06-46.oe2203sp3.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1700"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46848"}],"database_specific":{"severity":"Critical"}}