VYPR
Medium severity6.7NVD Advisory· Published Feb 18, 2025· Updated Jun 29, 2026

CVE-2024-45781

CVE-2024-45781

Description

A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

46

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.