CVE-2024-49504

grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
suseCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Debian logo
Debian Releases
Debian Product
Codename
grub2
bullseye (security)
2.06-3~deb11u6
fixed
bullseye
2.06-3~deb11u6
fixed
bookworm
2.06-13+deb12u1
fixed
bookworm (security)
2.06-13+deb12u1
fixed
trixie
2.12-9
fixed
forky
2.14~git20250718.0e36779-2
fixed
sid
2.14~git20250718.0e36779-2
fixed
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49504