HCE1-SA-2024-0050 Important HCE 1.1 Security Fix(es): When rendering certain unicode sequences, grub2_x27;s font code doesn_x27;t proper validate if the informed glyph_x27;s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2_x27;s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. (CVE-2022-3775) A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. (CVE-2022-2601) HCE 1.1 grub2-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-common-2.02-0.87.0.2.hce1c.14.noarch.rpm grub2-efi-ia32-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-efi-x64-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-pc-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-pc-modules-2.02-0.87.0.2.hce1c.14.noarch.rpm grub2-tools-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-tools-extra-2.02-0.87.0.2.hce1c.14.x86_64.rpm grub2-tools-minimal-2.02-0.87.0.2.hce1c.14.x86_64.rpm