18 matches found
CVE-2025-0686 affecting package grub2 for versions less than 2.06-25
CVE-2025-0686 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2025-0685 affecting package grub2 for versions less than 2.06-25
CVE-2025-0685 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2024-45778 affecting package grub2 for versions less than 2.06-25
CVE-2024-45778 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2025-0689 affecting package grub2 for versions less than 2.06-25
CVE-2025-0689 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2025-0677 affecting package grub2 for versions less than 2.06-25
CVE-2025-0677 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2025-0690 affecting package grub2 for versions less than 2.06-25
CVE-2025-0690 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2024-45780 affecting package grub2 for versions less than 2.06-25
CVE-2024-45780 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2019-13627 affecting package grub2 for versions less than 2.06-25
CVE-2019-13627 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2024-45781 affecting package grub2 for versions less than 2.06-25
CVE-2024-45781 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2024-56737 affecting package grub2 for versions less than 2.06-25
CVE-2024-56737 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
AZL-57707 CVE-2025-0684 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size; however, it improperly checks for integer overflows. A maliciously crafted filesyste...
AZL-57703 CVE-2025-0678 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some ...
AZL-57513 CVE-2025-1125 affecting package grub2 for versions less than 2.06-25
When reading data from an HFS filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffer size; however, it fails to properly check for integer overflows. A maliciously crafted filesystem may lead some of those buffer size...
AZL-57007 CVE-2025-0677 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. When performing a symlink lookup, grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content; however, it fails to check if the symlink data size has overflowed. When this occurs, grub_malloc may be called with a smaller...
AZL-57025 CVE-2025-1118 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory...
AZL-57052 CVE-2024-45775 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2 where the grub_extcmd_dispatcher function calls grub_arg_list_alloc to allocate memory for grub's argument list. However, it fails to check whether the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parse_option function, leading...
AZL-57067 CVE-2024-45774 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
AZL-54712 CVE-2024-56737 affecting package grub2 for versions less than 2.06-25
GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...