{"id":"RLSA-2021:2566","summary":"Moderate: fwupd security update","details":"The fwupd packages provide a service that allows session software to update device firmware.\n\nSecurity Fix(es):\n\n* grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372)\n\n* grub2: Use-after-free in rmmod command (CVE-2020-25632)\n\n* grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647)\n\n* grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749)\n\n* grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779)\n\n* grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225)\n\n* grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-04T07:40:23.103663Z","published":"2021-06-29T13:41:47Z","upstream":["CVE-2020-14372","CVE-2020-25632","CVE-2020-25647","CVE-2020-27749","CVE-2020-27779","CVE-2021-20225","CVE-2021-20233"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2021:2566"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873150"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879577"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886936"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1899966"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900698"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924696"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926263"}],"affected":[{"package":{"name":"fwupd","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/fwupd?distro=rocky-linux-8-4-legacy&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.9-1.el8_4"}],"database_specific":{"yum_repository":"BaseOS"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2021:2566.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}