diff --git a/0218-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch b/0218-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch
new file mode 100644
index 0000000..945efc2
--- /dev/null
+++ b/0218-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch
@@ -0,0 +1,56 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas
+Date: Wed, 20 May 2020 12:23:27 +0200
+Subject: [PATCH] 10_linux.in: Don't update BLS files that aren't managed by
+ GRUB scripts
+
+The script is updating all BLS files present in the /boot/loader/entries
+directory, but it should only update the BLS that belong to the machine.
+
+Otherwise if a user is sharing the same boot partition between different
+operating systems, the grub2-mkconfig tool will wrongly update BLS files
+that were created by a different OS.
+
+There are also cases where the BLS snippets are not managed by the GRUB
+scripts at all, for example in OSTree based systems. So it's also wrong
+to update the BLS snippets created by OSTree.
+
+Resolves: rhbz#1837783
+
+Signed-off-by: Javier Martinez Canillas
+---
+ util/grub.d/10_linux.in | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index 519e2d9e616..e61b6c94f11 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -138,16 +138,25 @@ blsdir="/boot/loader/entries"
+
+ get_sorted_bls()
+ {
++ if ! [ -d "${blsdir}" ] || ! [ -e /etc/machine-id ]; then
++ return
++ fi
++
++ read machine_id < /etc/machine-id
++ if [ -z "${machine_id}" ]; then
++ return
++ fi
++
+ local IFS=$'\n'
+
+- files=($(for bls in ${blsdir}/*.conf; do
++ files=($(for bls in ${blsdir}/${machine_id}-*.conf; do
+ if ! [[ -e "${bls}" ]] ; then
+ continue
+ fi
+ bls="${bls%.conf}"
+ bls="${bls##*/}"
+ echo "${bls}"
+- done | ${kernel_sort} | tac)) || :
++ done | ${kernel_sort} 2>/dev/null | tac)) || :
+
+ echo "${files[@]}"
+ }
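Review bot: In the added lines of get_sorted_bls(), the value read from /etc/machine-id goes unquoted into the glob `${blsdir}/${machine_id}-*.conf` with no format check, so content holding glob characters, or anything that is not a machine ID, would widen or break the filter this change relies on to leave other systems' BLS files alone. The variable is also not declared `local`, and `read` runs without `-r`. I would use `local machine_id`, `read -r machine_id < /etc/machine-id`, and replace the `-z` test with `case "${machine_id}" in ""|*[!0-9a-f]*) return ;; esac`. Separately, the early `return`s and the new `2>/dev/null` on `${kernel_sort}` make the function yield an empty list with no diagnostic; a one-line warning on stderr would let an administrator see why entries were skipped (callers are outside this hunk, so the downstream effect is presumed).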
diff --git a/grub.patches b/grub.patches
index 4cfe79a..58735cd 100644
--- a/grub.patches
+++ b/grub.patches
@@ -215,3 +215,4 @@ Patch0214: 0214-10_linux.in-Store-cmdline-in-BLS-snippets-instead-of.patch
 Patch0215: 0215-10_linux.in-restore-existence-check-in-get_sorted_bl.patch
 Patch0216: 0216-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch
 Patch0217: 0217-tpm-Enable-module-for-all-EFI-platforms.patch
+Patch0218: 0218-10_linux.in-Don-t-update-BLS-files-that-aren-t-manag.patch
diff --git a/grub2.spec b/grub2.spec
index dc80982..172fd58 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -9,7 +9,7 @@
 Name: grub2
 Epoch: 1
 Version: 2.04
-Release: 20%{?dist}
+Release: 21%{?dist}
 Summary: Bootloader with support for Linux, Multiboot and more
 License: GPLv3+
 URL: http://www.gnu.org/software/grub/
@@ -504,6 +504,10 @@ rm -r /boot/grub2.tmp/ || : %endif %changelog +* Wed May 20 2020 Javier Martinez Canillas - 2.04-21 +- Don't update BLS files that aren't managed by GRUB scripts + Resolves: rhbz#1837783 + * Mon May 18 2020 Javier Martinez Canillas - 2.04-20 - Only enable the tpm module for EFI platforms