[Bug 1996950] [NEW] CVE-2022-2601, CVE-2022-3775: font security fixes
Julian Andres Klode
1996950 at bugs.launchpad.net
Thu Nov 17 21:44:22 UTC 2022
Public bug reported:
[Impact]
security update staged in updates
[Test plan]
Boot a bunch of places
[Where problems could occur]
Font loading is disabled, could cause rendering issues
Unicode font stuffed in xz squashfs, could cause more memory issues
during boot
** Affects: grub2-signed (Ubuntu)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu)
Importance: Undecided
Status: New
** Affects: grub2-signed (Ubuntu Bionic)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu Bionic)
Importance: Undecided
Status: New
** Affects: grub2-signed (Ubuntu Focal)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu Focal)
Importance: Undecided
Status: New
** Affects: grub2-signed (Ubuntu Jammy)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu Jammy)
Importance: Undecided
Status: New
** Affects: grub2-signed (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Affects: grub2-signed (Ubuntu Lunar)
Importance: Undecided
Status: New
** Affects: grub2-unsigned (Ubuntu Lunar)
Importance: Undecided
Status: New
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2601
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3775
** Also affects: grub2-unsigned (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Lunar)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: grub2-signed (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
[Impact]
security update staged in updates
- Rest of bug report TBD
+ [Test plan]
+ Boot a bunch of places
+
+ [Where problems could occur]
+ Font loading is disabled, could cause rendering issues
+
+ Unicode font stuffed in xz squashfs, could cause more memory issues
+ during boot
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2-unsigned in Ubuntu.
https://bugs.launchpad.net/bugs/1996950
Title:
CVE-2022-2601, CVE-2022-3775: font security fixes
Status in grub2-signed package in Ubuntu:
New
Status in grub2-unsigned package in Ubuntu:
New
Status in grub2-signed source package in Bionic:
New
Status in grub2-unsigned source package in Bionic:
New
Status in grub2-signed source package in Focal:
New
Status in grub2-unsigned source package in Focal:
New
Status in grub2-signed source package in Jammy:
New
Status in grub2-unsigned source package in Jammy:
New
Status in grub2-signed source package in Kinetic:
New
Status in grub2-unsigned source package in Kinetic:
New
Status in grub2-signed source package in Lunar:
New
Status in grub2-unsigned source package in Lunar:
New
Bug description:
[Impact]
security update staged in updates
[Test plan]
Boot a bunch of places
[Where problems could occur]
Font loading is disabled, could cause rendering issues
Unicode font stuffed in xz squashfs, could cause more memory issues
during boot
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2-signed/+bug/1996950/+subscriptions
More information about the foundations-bugs
mailing list