Stay Connected:

ELSA-2025-3367

ELSA-2025-3367 - grub2 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2025-04-21

Description


[2.02-164.0.2]
- fs/ext2: Rework out-of-bounds read for inline and external extents [Orabug: 37829911]

[2.02-164.0.1]
- Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761]
- Fix typo in SBAT metadata [Orabug: 37693946]
- Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946]
- net/dns: Fix removal of DNS server [Orabug: 37539625]
- net/dns: Simplify error handling of recv_hook() function [Orabug: 37539625]
- net/dns: Add debugging messages in recv_hook() function [Orabug: 37539625]
- net/dns: Fix lookup error when no IPv6 is returned [Orabug: 37539625]
- Use correct os_name on OL
- Backport the support for setting custom kernels as default kernels [Orabug: 36690061]
- Restore correct SBAT entries
- Replaced bugzilla.oracle.com references [Orabug: 35475894]
- efinet: Close and reopen card on failure [Orabug: 35126950]
- Fix CVE-2022-3775 [Orabug: 34867710]
- Bump SBAT metadata for grub to 3 [Orabug: 34871758]
- Enable signing on aarch64
- Don't try to switch to a BLS config if GRUB_ENABLE_BLSCFG is already set (Javier Martinez Canillas) [Orabug: 34375996]
- Enable back btrfs module by default [Orabug: 34377188]
- Backport upstream SNP protocol fixes [Orabug: 34195100]
- Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code [Orabug: 34352232]
- enable multiboot2 [Orabug: 34285558]
- backport arm64: Fix EFI loader kernel image allocation [Orabug: 33702462]
- backport Arm: check for the PE magic for the compiled arch [Orabug: 33702462]
- Backport some better script logic for BTRFS support [Orabug: 32448171]
- Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
- Update Oracle SBAT data [Orabug: 32670033]
- Use new signing certificate [Orabug: 32670033]
- Fix various coverity issues [Orabug: 32530657]
- Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327]
- Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072]
- honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
- set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
- Update upstream references [Orabug: 26388226]
- Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Fix comparison in patch for 18504756
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- Put 'with' in menuentry instead of 'using' [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.02-164]
- Bump NVR to sign the build
- Resolves: #RHEL-85627

[2.02-163]
- fs/xfs: Synced xfs to latest
- Resolves: #RHEL-85627

[2.02-162]
- ieee1275/ofnet: Fix grub_malloc() removed after added safe
- Remove 'fs/ntfs: Implement attribute verification' patch
- Related: #RHEL-79837

[2.02-161]
- Add Several CVE fixes
- Resolves CVE-2024-45775 CVE-2025-0624
- Resolves: #RHEL-75735
- Resolves: #RHEL-79837


Related CVEs


CVE-2025-0624

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) grub2-2.02-164.0.2.el8_10.src.rpmae20905192afea5b9d1d0c5f06ac2cc7df1c9b414bf981a483099b8b73b9f49a-ol8_aarch64_baseos_latest
grub2-2.02-164.0.2.el8_10.src.rpmae20905192afea5b9d1d0c5f06ac2cc7df1c9b414bf981a483099b8b73b9f49a-ol8_aarch64_u10_baseos_patch
grub2-common-2.02-164.0.2.el8_10.noarch.rpm91e493e3b5b8ceaf9a1975cd25e16291d077ed3a8271dc3e1288af853bf310d9-ol8_aarch64_baseos_latest
grub2-common-2.02-164.0.2.el8_10.noarch.rpm91e493e3b5b8ceaf9a1975cd25e16291d077ed3a8271dc3e1288af853bf310d9-ol8_aarch64_u10_baseos_patch
grub2-efi-aa64-2.02-164.0.2.el8_10.aarch64.rpm32e9c77ba2aef7456a4c10fbb5ef79cb50c085d7bdd190d88723269c7d2ce427-ol8_aarch64_baseos_latest
grub2-efi-aa64-2.02-164.0.2.el8_10.aarch64.rpm32e9c77ba2aef7456a4c10fbb5ef79cb50c085d7bdd190d88723269c7d2ce427-ol8_aarch64_u10_baseos_patch
grub2-efi-aa64-cdboot-2.02-164.0.2.el8_10.aarch64.rpma79572e20d3a6d38443740f4bd7605043a71cb87c115143dcd01f6b4256d679e-ol8_aarch64_baseos_latest
grub2-efi-aa64-cdboot-2.02-164.0.2.el8_10.aarch64.rpma79572e20d3a6d38443740f4bd7605043a71cb87c115143dcd01f6b4256d679e-ol8_aarch64_u10_baseos_patch
grub2-efi-aa64-modules-2.02-164.0.2.el8_10.noarch.rpm6a00161a24e2564a3f2919fc63067297e868ec1b6625b09711fd785862a07ac6-ol8_aarch64_baseos_latest
grub2-efi-aa64-modules-2.02-164.0.2.el8_10.noarch.rpm6a00161a24e2564a3f2919fc63067297e868ec1b6625b09711fd785862a07ac6-ol8_aarch64_u10_baseos_patch
grub2-efi-ia32-modules-2.02-164.0.2.el8_10.noarch.rpmf9ac2bcb884aa794cb5eba60272de120f2ba7999105da85c5e3424bf6781d5af-ol8_aarch64_baseos_latest
grub2-efi-ia32-modules-2.02-164.0.2.el8_10.noarch.rpmf9ac2bcb884aa794cb5eba60272de120f2ba7999105da85c5e3424bf6781d5af-ol8_aarch64_u10_baseos_patch
grub2-efi-x64-modules-2.02-164.0.2.el8_10.noarch.rpm85536076fa18295d2fbaee52de6362a5a00beefc735c2adb82d5fae0834243dc-ol8_aarch64_baseos_latest
grub2-efi-x64-modules-2.02-164.0.2.el8_10.noarch.rpm85536076fa18295d2fbaee52de6362a5a00beefc735c2adb82d5fae0834243dc-ol8_aarch64_u10_baseos_patch
grub2-pc-modules-2.02-164.0.2.el8_10.noarch.rpm4999f4156f62fe919bacfc54b67d1795a776763e28aaee70a3870e7e051b6a2f-ol8_aarch64_baseos_latest
grub2-pc-modules-2.02-164.0.2.el8_10.noarch.rpm4999f4156f62fe919bacfc54b67d1795a776763e28aaee70a3870e7e051b6a2f-ol8_aarch64_u10_baseos_patch
grub2-tools-2.02-164.0.2.el8_10.aarch64.rpm42b2d3b235b62c8051fd818eda1e6c3cecb0b334f086646c4cb1d961487da2cb-ol8_aarch64_baseos_latest
grub2-tools-2.02-164.0.2.el8_10.aarch64.rpm42b2d3b235b62c8051fd818eda1e6c3cecb0b334f086646c4cb1d961487da2cb-ol8_aarch64_u10_baseos_patch
grub2-tools-extra-2.02-164.0.2.el8_10.aarch64.rpmeeea8b45e509f607f22f4f371925b2ecc1334d9fe5123749b2a8100ea8528d83-ol8_aarch64_baseos_latest
grub2-tools-extra-2.02-164.0.2.el8_10.aarch64.rpmeeea8b45e509f607f22f4f371925b2ecc1334d9fe5123749b2a8100ea8528d83-ol8_aarch64_u10_baseos_patch
grub2-tools-minimal-2.02-164.0.2.el8_10.aarch64.rpmc53a3b1b8ef9b4a50ce4fc59c81ae4701ca3548c2977ec4337351b664e956fe9-ol8_aarch64_baseos_latest
grub2-tools-minimal-2.02-164.0.2.el8_10.aarch64.rpmc53a3b1b8ef9b4a50ce4fc59c81ae4701ca3548c2977ec4337351b664e956fe9-ol8_aarch64_u10_baseos_patch
Oracle Linux 8 (x86_64) grub2-2.02-164.0.2.el8_10.src.rpmae20905192afea5b9d1d0c5f06ac2cc7df1c9b414bf981a483099b8b73b9f49a-ol8_x86_64_baseos_latest
grub2-2.02-164.0.2.el8_10.src.rpmae20905192afea5b9d1d0c5f06ac2cc7df1c9b414bf981a483099b8b73b9f49a-ol8_x86_64_u10_baseos_patch
grub2-common-2.02-164.0.2.el8_10.noarch.rpm91e493e3b5b8ceaf9a1975cd25e16291d077ed3a8271dc3e1288af853bf310d9-ol8_x86_64_baseos_latest
grub2-common-2.02-164.0.2.el8_10.noarch.rpm91e493e3b5b8ceaf9a1975cd25e16291d077ed3a8271dc3e1288af853bf310d9-ol8_x86_64_u10_baseos_patch
grub2-efi-aa64-modules-2.02-164.0.2.el8_10.noarch.rpm6a00161a24e2564a3f2919fc63067297e868ec1b6625b09711fd785862a07ac6-ol8_x86_64_baseos_latest
grub2-efi-aa64-modules-2.02-164.0.2.el8_10.noarch.rpm6a00161a24e2564a3f2919fc63067297e868ec1b6625b09711fd785862a07ac6-ol8_x86_64_u10_baseos_patch
grub2-efi-ia32-2.02-164.0.2.el8_10.x86_64.rpmb15c2aa66278cc8b08e771a660f82b2f54067e07fcb130066c55873a1f979c2d-ol8_x86_64_baseos_latest
grub2-efi-ia32-2.02-164.0.2.el8_10.x86_64.rpmb15c2aa66278cc8b08e771a660f82b2f54067e07fcb130066c55873a1f979c2d-ol8_x86_64_u10_baseos_patch
grub2-efi-ia32-cdboot-2.02-164.0.2.el8_10.x86_64.rpmeca8d99afa0dd548fbfbdf0b8900e7614ed2b91f82f24aea7ac6d75d82a3920f-ol8_x86_64_baseos_latest
grub2-efi-ia32-cdboot-2.02-164.0.2.el8_10.x86_64.rpmeca8d99afa0dd548fbfbdf0b8900e7614ed2b91f82f24aea7ac6d75d82a3920f-ol8_x86_64_u10_baseos_patch
grub2-efi-ia32-modules-2.02-164.0.2.el8_10.noarch.rpmf9ac2bcb884aa794cb5eba60272de120f2ba7999105da85c5e3424bf6781d5af-ol8_x86_64_baseos_latest
grub2-efi-ia32-modules-2.02-164.0.2.el8_10.noarch.rpmf9ac2bcb884aa794cb5eba60272de120f2ba7999105da85c5e3424bf6781d5af-ol8_x86_64_u10_baseos_patch
grub2-efi-x64-2.02-164.0.2.el8_10.x86_64.rpmc1cdf95d188a3669cfbc1196bd1f090045e0f3fdeca02ff2f46603317890c566-ol8_x86_64_baseos_latest
grub2-efi-x64-2.02-164.0.2.el8_10.x86_64.rpmc1cdf95d188a3669cfbc1196bd1f090045e0f3fdeca02ff2f46603317890c566-ol8_x86_64_u10_baseos_patch
grub2-efi-x64-cdboot-2.02-164.0.2.el8_10.x86_64.rpmf37b2426d47f01b30f340855effc7631c98250c4366932bc8e889ec11a17e400-ol8_x86_64_baseos_latest
grub2-efi-x64-cdboot-2.02-164.0.2.el8_10.x86_64.rpmf37b2426d47f01b30f340855effc7631c98250c4366932bc8e889ec11a17e400-ol8_x86_64_u10_baseos_patch
grub2-efi-x64-modules-2.02-164.0.2.el8_10.noarch.rpm85536076fa18295d2fbaee52de6362a5a00beefc735c2adb82d5fae0834243dc-ol8_x86_64_baseos_latest
grub2-efi-x64-modules-2.02-164.0.2.el8_10.noarch.rpm85536076fa18295d2fbaee52de6362a5a00beefc735c2adb82d5fae0834243dc-ol8_x86_64_u10_baseos_patch
grub2-pc-2.02-164.0.2.el8_10.x86_64.rpm9b5e9b453e71f116dc5d2ce459c90dc8d816f4aa5f0cfb68fd183b3b104f8030-ol8_x86_64_baseos_latest
grub2-pc-2.02-164.0.2.el8_10.x86_64.rpm9b5e9b453e71f116dc5d2ce459c90dc8d816f4aa5f0cfb68fd183b3b104f8030-ol8_x86_64_u10_baseos_patch
grub2-pc-modules-2.02-164.0.2.el8_10.noarch.rpm4999f4156f62fe919bacfc54b67d1795a776763e28aaee70a3870e7e051b6a2f-ol8_x86_64_baseos_latest
grub2-pc-modules-2.02-164.0.2.el8_10.noarch.rpm4999f4156f62fe919bacfc54b67d1795a776763e28aaee70a3870e7e051b6a2f-ol8_x86_64_u10_baseos_patch
grub2-tools-2.02-164.0.2.el8_10.x86_64.rpma07e24205875833f5432f57fe1455c0004da13500fbee4e0cb7705d3d61463e8-ol8_x86_64_baseos_latest
grub2-tools-2.02-164.0.2.el8_10.x86_64.rpma07e24205875833f5432f57fe1455c0004da13500fbee4e0cb7705d3d61463e8-ol8_x86_64_u10_baseos_patch
grub2-tools-efi-2.02-164.0.2.el8_10.x86_64.rpm827db838c90f992c99a1354599310de97122429af2c338243a60502a1087e6f9-ol8_x86_64_baseos_latest
grub2-tools-efi-2.02-164.0.2.el8_10.x86_64.rpm827db838c90f992c99a1354599310de97122429af2c338243a60502a1087e6f9-ol8_x86_64_u10_baseos_patch
grub2-tools-extra-2.02-164.0.2.el8_10.x86_64.rpme6a2bb44a0f5f29464f41b0f6e1191b668a02b55370774400921b798a96f2183-ol8_x86_64_baseos_latest
grub2-tools-extra-2.02-164.0.2.el8_10.x86_64.rpme6a2bb44a0f5f29464f41b0f6e1191b668a02b55370774400921b798a96f2183-ol8_x86_64_u10_baseos_patch
grub2-tools-minimal-2.02-164.0.2.el8_10.x86_64.rpm3524b6239b4dda0f7879a19da657e94ab1c29d42605870eb183a64cbc7799a83-ol8_x86_64_baseos_latest
grub2-tools-minimal-2.02-164.0.2.el8_10.x86_64.rpm3524b6239b4dda0f7879a19da657e94ab1c29d42605870eb183a64cbc7799a83-ol8_x86_64_u10_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights