HCE2-SA-2023-0083 Important HCE 2.0 Security Fix(es): A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this issue, allowing modifications in unauthorized memory segments, causing data integrity problems or leading to denial of service. (CVE-2022-3775) A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. (CVE-2022-2601) HCE 2.0 grub2-common-2.06-3.r20.hce2.noarch.rpm grub2-efi-aa64-2.06-3.r20.hce2.aarch64.rpm grub2-efi-aa64-modules-2.06-3.r20.hce2.noarch.rpm grub2-help-2.06-3.r20.hce2.noarch.rpm grub2-tools-2.06-3.r20.hce2.aarch64.rpm grub2-tools-extra-2.06-3.r20.hce2.aarch64.rpm grub2-tools-minimal-2.06-3.r20.hce2.aarch64.rpm grub2-efi-ia32-modules-2.06-3.r20.hce2.noarch.rpm grub2-efi-x64-2.06-3.r20.hce2.x86_64.rpm grub2-efi-x64-modules-2.06-3.r20.hce2.noarch.rpm grub2-pc-2.06-3.r20.hce2.x86_64.rpm grub2-pc-modules-2.06-3.r20.hce2.noarch.rpm grub2-tools-2.06-3.r20.hce2.x86_64.rpm grub2-tools-efi-2.06-3.r20.hce2.x86_64.rpm grub2-tools-extra-2.06-3.r20.hce2.x86_64.rpm grub2-tools-minimal-2.06-3.r20.hce2.x86_64.rpm