LUKS-Encrypted Disk Vulnerability in GRUB by Red Hat
CVE-2025-4382

5.9 MEDIUM

What is CVE-2025-4382?

A security flaw exists in systems that use LUKS-encrypted disks configured for GRUB TPM-based auto-decryption. When GRUB automatically decrypts a disk with a key stored in the TPM, it loads the decryption key into memory. An attacker with physical access can manipulate the filesystem superblock so that GRUB fails to locate a valid filesystem and drops into rescue mode. The disk remains decrypted in this state, and the decryption key stays exposed in system memory. This enables unauthorized access to the unencrypted data without authentication, raising significant concerns regarding data confidentiality and integrity.

References

CVSS v3.1

Score: 5.9
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published
  • Vulnerability reserved