3 matches found
AZL-57691 CVE-2024-45782 affecting package grub2 for versions less than 2.06-25
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer,...
CVE-2025-1125
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size...
UBUNTU-CVE-2025-1125
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size...