Bug 1174463 - (CVE-2020-15706) VUL-0: CVE-2020-15706: grub2: script: Avoid a use-after-free when redefining a function during execution
(CVE-2020-15706)
VUL-0: CVE-2020-15706: grub2: script: Avoid a use-after-free when redefining ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/264202/
CVSSv3.1:SUSE:CVE-2020-15706:6.4:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-07-24 08:46 UTC by Marcus Meissner
Modified: 2021-09-23 18:45 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
CVE-2020-15706.patch (3.34 KB, patch)
2020-07-24 08:46 UTC, Marcus Meissner
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Marcus Meissner 2020-07-24 08:46:44 UTC
Created attachment 840002 [details]
CVE-2020-15706.patch

CVE-2020-15706.patch
Comment 4 Marcus Meissner 2020-07-29 17:06:10 UTC
is public via oss-sec and blog

https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
Comment 5 Swamp Workflow Management 2020-07-29 22:13:36 UTC
SUSE-SU-2020:2073-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    grub2-2.02-19.48.1
SUSE Linux Enterprise Server 15-LTSS (src):    grub2-2.02-19.48.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    grub2-2.02-19.48.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    grub2-2.02-19.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2020-07-29 22:14:54 UTC
SUSE-SU-2020:2076-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1084632,1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    grub2-2.02~beta2-115.49.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    grub2-2.02~beta2-115.49.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    grub2-2.02~beta2-115.49.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    grub2-2.02~beta2-115.49.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2020-07-29 22:16:13 UTC
SUSE-SU-2020:2079-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1084632,1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    grub2-2.02-4.53.1
SUSE OpenStack Cloud 8 (src):    grub2-2.02-4.53.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    grub2-2.02-4.53.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    grub2-2.02-4.53.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    grub2-2.02-4.53.1
SUSE Enterprise Storage 5 (src):    grub2-2.02-4.53.1
HPE Helion Openstack 8 (src):    grub2-2.02-4.53.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2020-07-29 22:17:26 UTC
SUSE-SU-2020:2078-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    grub2-2.02-12.31.1
SUSE OpenStack Cloud 9 (src):    grub2-2.02-12.31.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    grub2-2.02-12.31.1
SUSE Linux Enterprise Server 12-SP5 (src):    grub2-2.02-12.31.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    grub2-2.02-12.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2020-07-29 22:19:20 UTC
SUSE-SU-2020:2074-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src):    grub2-2.04-9.7.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    grub2-2.04-9.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2020-07-29 22:21:20 UTC
SUSE-SU-2020:2077-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    grub2-2.02-26.25.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    grub2-2.02-26.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2020-07-29 22:22:37 UTC
SUSE-SU-2020:14440-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1084632,1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    grub2-2.00-0.66.15.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    grub2-2.00-0.66.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2020-08-08 16:14:34 UTC
openSUSE-SU-2020:1168-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    grub2-2.02-lp151.21.21.4
Comment 14 Swamp Workflow Management 2020-08-08 16:16:28 UTC
openSUSE-SU-2020:1169-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1168994,1173812,1174463,1174570
CVE References: CVE-2020-10713,CVE-2020-14308,CVE-2020-14309,CVE-2020-14310,CVE-2020-14311,CVE-2020-15706,CVE-2020-15707
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    grub2-2.04-lp152.7.3.4
Comment 18 Michael Chang 2020-08-26 05:28:40 UTC
The patch has been submitted so changing the status accordingly.
Comment 19 Michael Chang 2020-08-26 08:06:48 UTC
Reassign completed bug to security-team@suse.de
Comment 20 Wolfgang Frisch 2020-09-02 08:27:58 UTC
Resolved.