CVE-2024-45774
EUVD-2025-478718.02.2025, 19:15
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| grub2 |
| ||||||||||||||||||
| grub2-unsigned |
| ||||||||||||||||||
| grub2-signed |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| grub2 |
| ||||||||||||||||||||||
| grub2-arm64-efi |
| ||||||||||||||||||||||
| grub2-i386-pc |
| ||||||||||||||||||||||
| grub2-powerpc-ieee1275 |
| ||||||||||||||||||||||
| grub2-s390x-emu |
| ||||||||||||||||||||||
| grub2-snapper-plugin |
| ||||||||||||||||||||||
| grub2-systemd-sleep-plugin |
| ||||||||||||||||||||||
| grub2-x86_64-efi |
| ||||||||||||||||||||||
| grub2-x86_64-xen |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| grub2-common |
| ||
| grub2-efi-aa64 |
| ||
| grub2-efi-aa64-cdboot |
| ||
| grub2-efi-aa64-modules |
| ||
| grub2-efi-x64 |
| ||
| grub2-efi-x64-cdboot |
| ||
| grub2-efi-x64-modules |
| ||
| grub2-pc |
| ||
| grub2-pc-modules |
| ||
| grub2-ppc64le |
| ||
| grub2-ppc64le-modules |
| ||
| grub2-tools |
| ||
| grub2-tools-efi |
| ||
| grub2-tools-extra |
| ||
| grub2-tools-minimal |
|
Common Weakness Enumeration