EulerOS Virtualization 2.13.1 : grub2 (EulerOS-SA-2026-1636)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandl...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2026-1311)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command...

EulerOS Virtualization 2.10.0 : grub2 (EulerOS-SA-2026-1555)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the...

EulerOS 2.0 SP12 : grub2 (EulerOS-SA-2026-1364)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command...

EulerOS 2.0 SP12 : grub2 (EulerOS-SA-2026-1395)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command...

NewStart CGSL MAIN 6.06 (SP) : grub2 Multiple Vulnerabilities (NS-SA-2026-0016)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has grub2 packages installed that are affected by multiple vulnerabilities: - Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a...

MiracleLinux 7 : shim-15-8.el7 (AXSA:2020-250:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-250:01 advisory. grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process CVE-2020-10713 grub2: grubmalloc does not validate allocation...

MiracleLinux 8 : shim-15.4-2.ML.2 (AXSA:2021-2258:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2258:03 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...

MiracleLinux 8 : fwupd-1.1.4-7.0.1.el8, grub2-2.02-87.0.1.el8, shim-15-15.0.1, shim-unsigned-x64-15-8.0.1.el8 (AXSA:2020-773:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-773:01 advisory. grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process CVE-2020-10713 grub2: grubmalloc does not validate allocation...

MiracleLinux 9 : grub2-2.06-46.el9.3.ML.1 (AXSA:2023-5114:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5114:03 advisory. grub2: Buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 grub2: Heap based...

MiracleLinux 8 : shim-unsigned-x64-15.4-4.el8.ML.2 (AXSA:2021-2174:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2174:02 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...

MiracleLinux 9 : grub2-2.06-77.el9.ML.1 (AXSA:2024-8135:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8135:03 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...

MiracleLinux 8 : fwupd-1.5.9-1.el8.ML.1 (AXSA:2022-2904:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2904:01 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...

RockyLinux 9 : grub2 (RLSA-2025:6990)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:6990 advisory. grub2: reader/jpeg: Heap OOB Write during JPEG parsing CVE-2024-45774 grub2: commands/extcmd: Missing check for failed allocation CVE-2024-45775 grub2:...

EulerOS Virtualization 2.13.0 : grub2 (EulerOS-SA-2025-2165)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is...

EulerOS Virtualization 2.13.1 : grub2 (EulerOS-SA-2025-2164)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is...

ROS-20250818-06

A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...

NewStart CGSL MAIN 7.02 : grub2 Multiple Vulnerabilities (NS-SA-2025-0169)

The remote NewStart CGSL host, running version MAIN 7.02, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2025-1799)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2025-1799)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw...