Researchers from Eclypsium just published a new vulnerability in grub2 called
We put a highlevel view in a blog:
and our TID:
The points in there apply the same way to openSUSE.
For openSUSE Leap 15.2, Lubos and I plan a "fall" respin of the DVD
media that continue to boot in updated UEFI secure boot scenarios
openSUSE Maintenance and Security work will now commence on this issue,
we will be publishing grub2 and other updates in the next days and also
do the signing key rotation before this.