Grub
by Coreos
Source repositories
- https://github.com/coreos/grubarchived
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54771 | Med | 0.32 | 4.9 | 0.00 | Nov 18, 2025 | A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this… | ||
| CVE-2024-45778 | 0.00 | — | 0.00 | Mar 3, 2025 | A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash. | |||
| CVE-2025-0689 | 0.00 | — | 0.00 | Mar 3, 2025 | When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the… |
- risk 0.32cvss 4.9epss 0.00
A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this…
- CVE-2024-45778Mar 3, 2025risk 0.00cvss —epss 0.00
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
- CVE-2025-0689Mar 3, 2025risk 0.00cvss —epss 0.00
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the…