Advisory ROSA-SA-2025-2996

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-23 affected versions grub2-2.06-23 CVE-ID: CVE-2024-45777 BDU-ID: 2025-07120 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gettext component of the Grub operating systems loader is related to integer overflow. Exploitation...

The vulnerability in the implementation of the rmmod command for the Grub2 operating system allows a hacker to gain access to confidential data, affect the integrity of the data, and cause service failures.

The vulnerability of the rmmod command, which is used by the Grub2 operating system loader, lies in the lack of checks to ensure that loaded modules are indeed present. Exploiting this vulnerability can allow an attacker to access confidential data, compromise data integrity, and cause service...

The vulnerability of Grub2 operating system loaders, related to integer overflows in value handling, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub2 operating system loader is related to a numerical overflow of the UINT32 value. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability in the implementation of the grub_script_function_create() function of the Grub2 operating system allows a perpetrator to gain access to confidential data, affect the integrity of the data, and cause service failures.

The vulnerability of the grubscriptfunctioncreate function, which is part of the Grub2 operating system loader, stems from an error in function overriding. This function is already being executed. Exploiting this vulnerability could allow a perpetrator to access confidential data, compromise data...