CVE-2024-49504

EUVD-2024-43438
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
suseopensuse_tumbleweed
𝑥
< 2.12-28.1
ADP
Debian logo
Debian Releases
Debian Product
Codename
grub2
bookworm
2.06-13+deb12u1
fixed
bookworm (security)
2.06-13+deb12u1
fixed
bullseye
2.06-3~deb11u6
fixed
bullseye (security)
2.06-3~deb11u6
fixed
forky
2.14~git20250718.0e36779-2
fixed
sid
2.14~git20250718.0e36779-2
fixed
trixie
2.12-9
fixed
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49504