20 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstructing the file type when loading from disk syzbot reports that the S_IFMT bits of the inode->i_mode field can become invalid when: 1. The 32-bit “mode” field loaded from disk is corrupted; 2. The 32-bit “attributes”...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010872 advisory. In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that S_IFMT bits of...
USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to load malicious CPU microcod...
USN-8116-1: Linux kernel (Intel IoTG Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...
EUVD-2025-5594
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-3000
software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-24 affected versions grub2-2.06-24 CVE-ID: CVE-2024-45779 BDU-ID: 2025-03832 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BFS file system of the Grub2 operating system boot loader is related to reads outside the allowed...
OESA-2025-1291 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2 where the grub_extcmd_dispatcher function calls grub_arg_list_alloc to allocate memory for the...
GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08322)
GRUB2 is a multiboot boot loader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from a buffer overflow in reading the BFS file system. An attacker could exploit this vulnerability to cause a denial of service...
GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08323)
GRUB2 is a multiboot boot loader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from an integer overflow flaw found in GRUB2's BFS file system driver. No vulnerability details are provided at this time...
DEBIAN-CVE-2024-45778
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash...
AZL-57685 CVE-2024-45778 affecting package grub2 for versions less than 2.06-15
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash...
CVE-2024-45778
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash...
CVE-2024-45778
CVE-2024-45778 affects grub2, caused by a stack overflow when reading a BFS filesystem. A crafted BFS image can trigger an uncontrolled loop and crash grub2, per the NVD entry. Likely impact is availability (HIGH), with local access required (attack vector LOCAL), low attack complexity and low pr...
CVE-2024-45779
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...
AZL-57552 CVE-2024-45779 affecting package grub2 for versions less than 2.06-15
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...
CVE-2024-45779
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...
CVE-2024-45779
CVE-2024-45779 (grub2 BFS integer overflow): Affects the BFS filesystem driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read, which can cause an integer overflow during file reading. This may trigger a heap-based bounds ...
OESA-2025-1217 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the...
CVE-2024-45778
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...
CVE-2024-45779
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...