7 matches found
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2025-1907)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-45782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided...
CVE-2024-45782 Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer,...
CVE-2024-45782 Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer,...
SUSE SLES15: grub2 / grub2-arm64-efi / grub2-i386-pc / grub2-powerpc-ieee1275 / etc (SUSE-SU-2025:0588-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0588-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 ...
BELL-CVE-2024-45782
Bulletin has no description...
CVE-2024-45782
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer,...