High severity 7.8 · NVD Advisory · Published Nov 18, 2025 · Updated May 13, 2026
CVE-2025-61662
Description
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. The flaw stems from a programming error: the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing GRUB to access a memory location that is no longer valid. This can crash GRUB, leading to a Denial of Service. A compromise of data integrity or confidentiality cannot be ruled out.
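The bug class described above, shown as an added example on a constructed command table (this is not GRUB source, and every name in it is hypothetical): an unload path that leaves its command registered, the corrected unload that unregisters first, and an audit and dispatch check that catch the orphaned entry. The module descriptor is kept static so the model never touches freed memory itself.

```c
/* Constructed model of a command table and module unload path; not GRUB source. */
#include <stdlib.h>
#include <string.h>

struct module  { int loaded; void *state; };
struct command { const char *name; int (*fn)(void); struct module *owner; };
#define MAX_CMDS 8
static struct command table[MAX_CMDS];    /* a slot is free when name == NULL */
static struct module demo_mod;            /* descriptor stays valid so the audit is safe */
static int translate(void) { return 0; }  /* stand-in for the module's handler */

static void register_cmd(const char *name, int (*fn)(void), struct module *m) {
    for (int i = 0; i < MAX_CMDS; i++)
        if (!table[i].name) { table[i] = (struct command){ name, fn, m }; return; }
}
/* Buggy unload: module resources are released, the table entry is left behind. */
static void unload_buggy(struct module *m) {
    free(m->state); m->state = NULL; m->loaded = 0;
}
/* Fixed unload: drop every command the module owns before releasing it. */
static void unload_fixed(struct module *m) {
    for (int i = 0; i < MAX_CMDS; i++)
        if (table[i].name && table[i].owner == m) table[i] = (struct command){ 0 };
    unload_buggy(m);
}
/* Audit: how many registered commands point at a module that is gone? */
static int count_orphans(void) {
    int n = 0;
    for (int i = 0; i < MAX_CMDS; i++)
        if (table[i].name && !table[i].owner->loaded) n++;
    return n;
}
/* Defensive dispatch: -1 unknown command, -2 orphaned (refused), else handler result. */
static int dispatch(const char *name) {
    for (int i = 0; i < MAX_CMDS; i++)
        if (table[i].name && strcmp(table[i].name, name) == 0)
            return table[i].owner->loaded ? table[i].fn() : -2;
    return -1;
}
/* Load the module, register "gettext", unload it, report dangling entries. */
static int orphans_after_unload(int use_fix) {
    memset(table, 0, sizeof table);
    demo_mod = (struct module){ 1, malloc(16) };
    register_cmd("gettext", translate, &demo_mod);
    if (use_fix) unload_fixed(&demo_mod); else unload_buggy(&demo_mod);
    return count_orphans();
}
int main(void) { return orphans_after_unload(0) == 1 && dispatch("gettext") == -2 ? 0 : 1; }
```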
Affected products (1)
Patches (0)
No patches discovered yet.
References (24)
- www.openwall.com/lists/oss-security/2025/11/18/5 (nvd: Mailing List, Patch)
- access.redhat.com/security/cve/CVE-2025-61662 (nvd: Third Party Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking, Third Party Advisory)
- access.redhat.com/errata/RHSA-2026:10097 (nvd)
- access.redhat.com/errata/RHSA-2026:14773 (nvd)
- access.redhat.com/errata/RHSA-2026:15087 (nvd)
- access.redhat.com/errata/RHSA-2026:4648 (nvd)
- access.redhat.com/errata/RHSA-2026:4649 (nvd)
- access.redhat.com/errata/RHSA-2026:4652 (nvd)
- access.redhat.com/errata/RHSA-2026:4653 (nvd)
- access.redhat.com/errata/RHSA-2026:4654 (nvd)
- access.redhat.com/errata/RHSA-2026:4760 (nvd)
- access.redhat.com/errata/RHSA-2026:4822 (nvd)
- access.redhat.com/errata/RHSA-2026:4823 (nvd)
- access.redhat.com/errata/RHSA-2026:4830 (nvd)
- access.redhat.com/errata/RHSA-2026:4900 (nvd)
- access.redhat.com/errata/RHSA-2026:4998 (nvd)
- access.redhat.com/errata/RHSA-2026:5074 (nvd)
- access.redhat.com/errata/RHSA-2026:5127 (nvd)
- access.redhat.com/errata/RHSA-2026:5233 (nvd)
- access.redhat.com/errata/RHSA-2026:6492 (nvd)
- access.redhat.com/errata/RHSA-2026:7239 (nvd)
- access.redhat.com/errata/RHSA-2026:7243 (nvd)
- lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html (nvd)