- Description
- When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.
- Source
- secalert@redhat.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- secalert@redhat.com
- CWE-787
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
⚠️ Vulnerability Alert: GRUB2 Bootloader Vulnerabilities 📅 Timeline: Disclosure: 2025-02-18, Patch: 2025-(TBD) 🆔cveId: CVE-2024-45774, CVE-2024-45776, CVE-2024-45777, CVE-2024-45778, CVE-2024-45779, CVE-2025-0622, CVE-2025-0624, CVE-2025-0689 📊baseScore: N/A 📏cvssMetrics:…
@syedaquib77
26 Feb 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45776 Buffer Overflow Vulnerability in GRUB2 MO File Parsing with Memory Corruption Risks https://t.co/0LTUfZrDlf
@VulmonFeeds
19 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45776 When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead t… https://t.co/XNsHZXOzpN
@CVEnew
18 Feb 2025
271 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes