74 matches found
SUSE-SU-2025:21212-1 Security update for grub2
This update for grub2 fixes the following issues: Changes in grub2: - CVE-2025-54771: Fixed grubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 - CVE-2025-61662: Fixed...
USN-7894-2: EDK II regression
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...
USN-7894-2 edk2 regression
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...
EUVD-2025-4653
Malicious code in bioql PyPI...
CLSA-2025-1747260502 kernel: Fix of 5 CVEs
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd CVE-2025-21969 - ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
OESA-2025-1232 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
SUSE CVE-2025-0624
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
SUSE SLES15 Security Update : grub2 (SUSE-SU-2025:0587-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0587-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 ...
CVE-2025-0624
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
AZL-57049 CVE-2025-0624 affecting package grub2 for versions less than 2.06-24
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
CVE-2025-0624
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...