VYPR
Medium severity6.7NVD Advisory· Published Feb 18, 2025· Updated Apr 15, 2026

CVE-2024-45776

CVE-2024-45776

Description

When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

46

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.