WHAT HAPPENED

Red Hat is currently responding to a Moderate vulnerability in the GRUB 2 boot loader that impacts several products.

Advanced Users: For a complete description of the vulnerabilities and effected systems, visit:

• Boot Hole Vulnerability - GRUB 2 boot loader - CVE-2020-10713

AFFECTED SYSTEMS:

• Red Hat Enterprise Linux (RHEL) 7 and 8
• Red Hat Enterprise Atomic Host
• RHEL CoreOS (part of Openshift Container Platform 4) ship the vulnerable GRUB 2 version. 

WHAT’S THE PROBLEM?

This flaw allows an attacker to take control of the affected systems.

RELATED LINKS

• IT SECURITY
• GNU GRUB2 Vulnerability (US-CERT)
• GRUB2 bootloader is vulnerable to buffer overflow (Carnegie Mellon University)