Heap-Based Buffer Overflow in GNU GRUB2 Triggered by Malicious HFS Filesystem Data
CVE-2024-56737
8.8 HIGH
What is CVE-2024-56737?
GNU GRUB2 (version 2.12) contains a heap-based buffer overflow. An attacker can trigger it with specially crafted sblock data within an HFS filesystem. Exploitation may lead to unauthorized access to or corruption of memory, affecting the stability and security of systems that use this bootloader. Addressing this issue promptly is crucial for maintaining system integrity and protecting against potential threats.
Affected Version(s)
GRUB2 2.00 <= 2.12