1736 matches found
CVE-2025-54770
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
DEBIAN-CVE-2025-54770
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
DEBIAN-CVE-2025-61661
A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...
AZL-70580 CVE-2025-61661 affecting package grub2 for versions less than 2.06-26
A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...
CVE-2025-61661
A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...
CVE-2025-61664
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
UBUNTU-CVE-2025-61663
A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered when the module is unloaded. An attacker who can execute this comman...
UBUNTU-CVE-2025-54770
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
UBUNTU-CVE-2025-54771
A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...
UBUNTU-CVE-2025-61664
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
CVE-2025-54770
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
CVE-2025-54770
CVE-2025-54770 is a Use-After-Free in GRUB2’s network module (net_set_vlan) triggered when the network module is unloaded, allowing a local attacker to access freed memory and cause a DoS crash. Connected advisories (ALAS/OpenSUSE/SUSE) confirm this issue across grub2 packages and list affected r...
CVE-2025-54770 Grub2: use-after-free in net_set_vlan
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
EUVD-2025-198079
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
CVE-2025-61664
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
CVE-2025-61664
CVE-2025-61664 (GRUB2) is a Use-After-Free in the normal module where the normal_exit command is not properly unregistered when a module is unloaded. An attacker could invoke the orphaned/normal_exit path after the module removal, causing the system to access a previously freed memory location an...
CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered when the module is unloaded. An attacker who can execute this comman...
CVE-2025-61663
CVE-2025-61663 describes a Use-After-Free in GRUB2's normal command: when the module is unloaded, the normal command is not properly unregistered, allowing a attacker to invoke the command and trigger access to freed memory, causing system crash and Denial of Service with potential impact on inte...
CVE-2025-61663
A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered when the module is unloaded. An attacker who can execute this comman...