4 matches found
CVE-2024-45780 affecting package grub2 for versions less than 2.06-25
CVE-2024-45780 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
AZL-57025 CVE-2025-1118 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory...
AZL-57052 CVE-2024-45775 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...
AZL-57067 CVE-2024-45774 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...