Security Vulnerability: Boothole November 2022 / Boothole 4

This document (000021048) is provided subject to the disclaimer at the end of this document.


For a comprehensive list of affected products please visit the SUSE CVE announcements:


Grub developers and security researchers have identified more security relevant bugs in the grub2 bootloader, which could be used by local attackers to circumvent the secure boot chain. This vulnerability has similar effects and considerations as the original Boothole, Boothole 2 and Boothole 3 issues. 

For regular users with their machine under full control this is less of an issue as on scenarios relying on secure boot, like public systems.


Security issues addressed:

- CVE-2022-2601: A crafted PF2 font could cause a buffer overflow in grub_font_construct_glyph.
- CVE-2022-3775: Fixed an integer underflow in blit_comb() font handling.

  These security issues require attackers to supply crafted fonts to grub2, which is unlikely in common local scenarios, but can allow bypassing secure boot chain.

SUSE has:

- Switched to a new secure boot signing key for secure boot signed artefacts in March 2023.
  The new key was published on

- Released grub2 updates, with incremented SBAT revision on x86_64 and also signed with the new secure boot key to allow disabling it on IBM Z and IBM Power in March 2023.

- Released Linux Kernel Updates signed with the new signing key in March 2023.

- Released various other secure boot signed artefact packages, like s390-tools, fwupd, fwupdate in March and April 2023.


Security Alert


This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000021048
  • Creation Date: 20-Apr-2023
  • Modified Date:20-Apr-2023
    • SUSE Linux Enterprise Server
    • SUSE Linux Enterprise Server for SAP Applications

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center