Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:

Compact

Detailed

Permalink CVE-2025-0624

7.6 HIGH

CVSS version: 3.1
Attack vector (AV): ADJACENT_NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Grub2: net: out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections.

References

https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/
https://security.netapp.com/advisory/ntap-20250516-0006/
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:2521 vendor-advisory x_refsource_REDHAT
RHSA-2025:2653 vendor-advisory x_refsource_REDHAT
RHSA-2025:2655 vendor-advisory x_refsource_REDHAT
RHSA-2025:2675 vendor-advisory x_refsource_REDHAT
RHSA-2025:2784 vendor-advisory x_refsource_REDHAT
RHSA-2025:2799 vendor-advisory x_refsource_REDHAT
RHSA-2025:2867 vendor-advisory x_refsource_REDHAT
RHSA-2025:2869 vendor-advisory x_refsource_REDHAT
RHSA-2025:3297 vendor-advisory x_refsource_REDHAT
RHSA-2025:3301 vendor-advisory x_refsource_REDHAT
RHSA-2025:3367 vendor-advisory x_refsource_REDHAT
RHSA-2025:3396 vendor-advisory x_refsource_REDHAT
RHSA-2025:3573 vendor-advisory x_refsource_REDHAT
RHSA-2025:3577 vendor-advisory x_refsource_REDHAT
RHSA-2025:3780 vendor-advisory x_refsource_REDHAT
RHSA-2025:4422 vendor-advisory x_refsource_REDHAT
RHSA-2025:7702 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 x_refsource_REDHAT vdb-entry
RHBZ#2346112 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250516-0006/

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2024-45781

6.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Grub2: fs/ufs: oob write in the heap

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

References

https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHBZ#2345857 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
RHBZ#2345857 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 x_refsource_REDHAT vdb-entry
RHBZ#2345857 issue-tracking x_refsource_REDHAT

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2024-45783

4.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Grub2: fs/hfs+: refcount can be decremented twice

A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.

References

https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
RHBZ#2345863 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
RHBZ#2345863 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 x_refsource_REDHAT vdb-entry
RHBZ#2345863 issue-tracking x_refsource_REDHAT

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2024-45774

6.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Grub2: reader/jpeg: heap oob write during jpeg parsing

A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.

References

https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45774 x_refsource_REDHAT vdb-entry
RHBZ#2337461 issue-tracking x_refsource_REDHAT
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2025-0622

6.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Grub2: command/gpg: use-after-free due to hooks not being removed on module unload

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.

References

RHBZ#2345865 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 x_refsource_REDHAT vdb-entry
RHBZ#2345865 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2024-45776

6.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.

When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.

References

https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 x_refsource_REDHAT vdb-entry
RHBZ#2339182 issue-tracking x_refsource_REDHAT
RHSA-2025:16154 vendor-advisory x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>

Permalink CVE-2025-1390

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): HIGH
Availability impact (A): NONE

created 6 months ago

pam_cap: Fix potential configuration parsing error

The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.

References

https://bugzilla.openanolis.cn/show_bug.cgi?id=18804

Affected products

libcap

==2.73;0

Matching in nixpkgs

pkgs.libcap

Library for working with POSIX capabilities

nixos-unstable -
- nixpkgs-unstable 2.76

pkgs.libcap_ng

Library for working with POSIX capabilities

nixos-unstable -
- nixpkgs-unstable 0.8.5

pkgs.libcaption

Free open-source CEA608 / CEA708 closed-caption encoder/decoder

nixos-unstable -
- nixpkgs-unstable 0.7

Package maintainers

@LordGrimmauld Sören Bender <soeren@benjos.de>
@pschmitt Philipp Schmitt <philipp@schmitt.co>

Permalink CVE-2025-26465

6.8 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): NONE

created 6 months ago

Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

References

Affected products

rhcos

OpenSSH

=<9.9p1

openssh

discovery/discovery-server-rhel9

registry.redhat.io/discovery/discovery-server-rhel9

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.opensshTest

Implementation of the SSH protocol

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.opensshWithKerberos

Implementation of the SSH protocol

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.openssh_hpnWithKerberos

Implementation of the SSH protocol with high performance networking patches

nixos-unstable -
- nixpkgs-unstable 10.0p2

pkgs.lxqt.lxqt-openssh-askpass

GUI to query passwords on behalf of SSH agents

nixos-unstable -
- nixpkgs-unstable 2.2.0

Package maintainers

@romildo José Romildo Malaquias <malaquias@gmail.com>
@philiptaron Philip Taron <philip.taron@gmail.com>
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
@dasJ Janne Heß <janne@hess.ooo>
@Conni2461 Simon Hauser <simon-hauser@outlook.com>
@numinit Morgan Jones <me+nixpkgs@numin.it>
@wahjava Ashish SHUKLA <ashish.is@lostca.se>

Permalink CVE-2025-22654

10.0 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress Simplified Plugin Plugin <= 1.0.6 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6.

References

https://patchstack.com/database/wordpress/plugin/simplified/vulnerability/wordp… vdb-entry

Affected products

simplified

=<1.0.6

Matching in nixpkgs

pkgs.gnomeExtensions.net-speed-simplified

A Net Speed extension With Loads of Customization. Fork of simplenetspeed

nixos-unstable -
- nixpkgs-unstable 44

pkgs.gnomeExtensions.net-totals-simplified

A Net totals extension that only displays totals. Forked from Net Speed extension (netspeedsimplified@prateekmedia.extension) With Loads of Customization, version 43

nixos-unstable -
- nixpkgs-unstable 3

pkgs.haskellPackages.phonetic-languages-simplified-base

A basics of the phonetic-languages functionality that can be groupped

nixos-unstable -
- nixpkgs-unstable 0.9.0.0

pkgs.haskellPackages.phonetic-languages-simplified-properties-array-common

Common functionality for 'with-tuples' and old version of properties

nixos-unstable -
- nixpkgs-unstable 0.4.1.0

Package maintainers

@honnip Jung seungwoo <me@honnip.page>

Permalink CVE-2024-45775

5.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months ago

Grub2: commands/extcmd: missing check for failed allocation

A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.

References

https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT
RHSA-2025:6990 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 x_refsource_REDHAT vdb-entry
RHBZ#2337481 issue-tracking x_refsource_REDHAT

Affected products

grub2

=<2.12
*

rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>