Release Info

Advisory: CLSA-2025:1751285777

OS: RHEL 7 ELS

Public date: 2025-06-30 12:16:19

Project: grub2

Version: 2.02-0.87.el7_9.14.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/rhel7els/CLSA-2025-1751285777.html

Changelog

- CVE-2024-45781: fs/ufs: OOB write in the heap - CVE-2024-45782: fs/hfs: strcpy() using the volume name - CVE-2024-56737: fs/hfs: Fix stack OOB write with grub_strcpy() - CVE-2025-0678: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based out-of-bounds write - Debrand to Cloudlinux

Update

Update command: yum update grub2*

Packages list

grub2-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-common-2.02-0.87.el7_9.14.tuxcare.els1.noarch.rpm grub2-efi-ia32-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-efi-ia32-cdboot-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-efi-ia32-modules-2.02-0.87.el7_9.14.tuxcare.els1.noarch.rpm grub2-efi-x64-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-efi-x64-cdboot-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-efi-x64-modules-2.02-0.87.el7_9.14.tuxcare.els1.noarch.rpm grub2-pc-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-pc-modules-2.02-0.87.el7_9.14.tuxcare.els1.noarch.rpm grub2-tools-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-tools-extra-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm grub2-tools-minimal-2.02-0.87.el7_9.14.tuxcare.els1.x86_64.rpm

CVEs

CVE-2025-1125
CVE-2024-56737
CVE-2024-45782
CVE-2025-0678
CVE-2024-45781