VYPR
Medium severity6.0NVD Advisory· Published Mar 3, 2025· Updated Jun 29, 2026

CVE-2024-45779

CVE-2024-45779

Description

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

31

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.