My Oracle Support Banner

Impact of Vulnerability CVE-2020-14372 on Oracle Products (Doc ID 2757296.1)

Last updated on MARCH 03, 2021

Applies to:

Linux OS - Version Oracle Linux 7.0 with Unbreakable Enterprise Kernel [3.8.13] and later
Oracle Solaris
Linux x86
Linux x86-64


This document details the steps to obtain and install the updates required to mitigate vulnerability CVE-2020-14372 in GRUB2 for the following products:

Customers of Oracle Engineered Systems should refer to the specific patches for their engineered system. Oracle intends to deploy the required updates in the Oracle Cloud Infrastructure (OCI) in accordance with existing change management procedures 


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Oracle Linux Customers
 Update GRUB
 Update UEFI Revocation List
 Oracle Solaris Customers

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.