affected published on 18 Dec 2025 CVE-2025-54770 4.9 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 1 month ago by @LeSuisse Activity log Created automatic suggestion 1 month, 4 weeks ago @LeSuisse removed 2 packages grub2_pvgrub_image grub2_pvhgrub_image 1 month ago @LeSuisse removed maintainer @SigmaSquadron 1 month ago @LeSuisse added 2 maintainers @hehongbo @digitalrane 1 month ago @LeSuisse removed maintainer @hehongbo 1 month ago @LeSuisse added maintainer @CertainLach 1 month ago @LeSuisse removed 2 maintainers @digitalrane @CertainLach 1 month ago @LeSuisse accepted as draft 1 month ago @LeSuisse published on GitHub 1 month ago Grub2: use-after-free in net_set_vlan A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the net_set_vlan command is not properly unregistered when the network module is unloaded from memory. An attacker who can execute this command can force the system to access memory locations that are no longer valid. Successful exploitation leads directly to system instability, which can result in a complete crash and halt system availability Affected products grub2 =<2.14 rhcos Matching in nixpkgs
CVE-2025-54770 4.9 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 1 month ago by @LeSuisse Activity log Created automatic suggestion 1 month, 4 weeks ago @LeSuisse removed 2 packages grub2_pvgrub_image grub2_pvhgrub_image 1 month ago @LeSuisse removed maintainer @SigmaSquadron 1 month ago @LeSuisse added 2 maintainers @hehongbo @digitalrane 1 month ago @LeSuisse removed maintainer @hehongbo 1 month ago @LeSuisse added maintainer @CertainLach 1 month ago @LeSuisse removed 2 maintainers @digitalrane @CertainLach 1 month ago @LeSuisse accepted as draft 1 month ago @LeSuisse published on GitHub 1 month ago Grub2: use-after-free in net_set_vlan A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the net_set_vlan command is not properly unregistered when the network module is unloaded from memory. An attacker who can execute this command can force the system to access memory locations that are no longer valid. Successful exploitation leads directly to system instability, which can result in a complete crash and halt system availability Affected products grub2 =<2.14 rhcos Matching in nixpkgs