GRUB: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. grub 2022-09-25 2022-09-25 850535 835082 local 2.06 2.06

GNU GRUB is a multiboot boot loader used by most Linux systems.

Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

There is no known workaround at this time.

All GRUB users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=sys-boot/grub-2.06-r3"

After upgrading, make sure to run the grub-install command with options appropriate for your system. See the GRUB2 Gentoo Wiki page for directions. Your system will be vulnerable until this action is performed.

 CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2021-3981 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 CVE-2022-28737 ajak ajak