漏洞关键信息概览 漏洞ID及关联CVE 漏洞ID: Bug 1991685 关联CVE: CVE-2021-3695 影响产品及版本 产品: grub2 已修复版本: grub 2.12 漏洞描述 漏洞类型: Crafted PNG grayscale images may lead to out-of-bounds write 影响: An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. 漏洞严重性 优先级: medium 严重性: medium 漏洞状态及时间线 状态: CLOSED ERRATA 报告时间: 2021-08-09 17:19 UTC 最后关闭时间: 2022-06-16 21:07:12 UTC 漏洞处理及影响产品 处理方式: 通过RHSA发布针对不同Red Hat Enterprise Linux版本的修复公告。 影响产品版本: - Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions - Red Hat Enterprise Linux 8.4 Extended Update Support - Red Hat Enterprise Linux 9 - Red Hat Enterprise Linux 8 - Red Hat Enterprise Linux 8.2 Extended Update Support