Medium severity4.4NVD Advisory· Published Feb 19, 2025· Updated Apr 15, 2026
CVE-2025-1118
CVE-2025-1118
Description
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
34- osv-coords34 versionspkg:rpm/almalinux/grub2-commonpkg:rpm/almalinux/grub2-efi-aa64-modulespkg:rpm/almalinux/grub2-efi-x64-modulespkg:rpm/almalinux/grub2-pc-modulespkg:rpm/almalinux/grub2-ppc64le-modulespkg:rpm/opensuse/grub2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grub2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/grub2&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/grub2&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/grub2&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/grub2&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/grub2&distro=SUSE%20Manager%20Server%20Module%204.3
< 1:2.12-15.el10_0.alma.1+ 33 more
- (no CPE)range: < 1:2.12-15.el10_0.alma.1
- (no CPE)range: < 1:2.12-15.el10_0.alma.1
- (no CPE)range: < 1:2.12-15.el10_0.alma.1
- (no CPE)range: < 1:2.12-15.el10_0.alma.1
- (no CPE)range: < 1:2.12-15.el10_0.alma.1
- (no CPE)range: < 2.12-150600.8.18.2
- (no CPE)range: < 2.12-35.1
- (no CPE)range: < 2.04-150300.22.52.3
- (no CPE)range: < 2.04-150300.22.52.3
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150500.29.43.2
- (no CPE)range: < 2.06-150500.29.43.2
- (no CPE)range: < 2.04-150300.3.11.1
- (no CPE)range: < 2.04-150300.22.52.3
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150500.29.43.2
- (no CPE)range: < 2.12-150600.8.18.2
- (no CPE)range: < 2.12-150600.8.18.2
- (no CPE)range: < 2.02-181.2
- (no CPE)range: < 2.04-150300.22.52.3
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150500.29.43.2
- (no CPE)range: < 2.04-150300.22.52.3
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150500.29.43.2
- (no CPE)range: < 2.02-181.2
- (no CPE)range: < 2.12~rc1-6.1
- (no CPE)range: < 2.12-slfo.1.1_2.1
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150400.11.55.2
- (no CPE)range: < 2.06-150400.11.55.2
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.