Unrated severityNVD Advisory· Published Feb 19, 2025· Updated Jan 29, 2026

Grub2: grub-core/gettext: integer overflow leads to heap oob write.

CVE-2024-45777

Description

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

Affected products

Rhboot/Grub2inferred

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2025:20532mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2024-45777mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000