Stack Overflow Vulnerability in Grub2 Affects Red Hat Products
CVE-2024-45778

5.5MEDIUM

Key Information:

Vendor
Gnu
Vendor
CVE Published:
3 March 2025

Summary

A stack overflow vulnerability has been identified in Grub2 when processing files from a Broken File System (BFS). An attacker could craft a malicious BFS filesystem that triggers an uncontrolled loop within Grub2, leading to application crashes. This flaw could disrupt system operations, making it imperative for users to apply security updates and mitigate potential impacts on system stability.

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.