CVE-2024-45777

Medium CVSS: 6.7

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

Vendor

Gnu

Product

Grub2

CWE

CWE-787

Yayın Tarihi

2025-02-19 18:15:23

Güncelleme

2025-11-11 17:15:37

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-787 Grub2 MEDIUM Gnu 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:20532 https://access.redhat.com/security/cve/CVE-2024-45777 https://bugzilla.redhat.com/show_bug.cgi?id=2346343

Benzer Kayıtlar

High

CVE-2026-4046

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when convertin…

Medium

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files…

High

CVE-2026-4437

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the…

Medium

CVE-2026-4438

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the…

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…