CVE-2024-56737
EUVD-2024-5338029.12.2024, 07:15
GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gnu | grub2 | 𝑥 ≤ 2.12 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| grub2 |
| ||||||||||||||||||
| grub2-unsigned |
| ||||||||||||||||||
| grub2-signed |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| grub2 |
| ||||||||||||||||||||||
| grub2-arm64-efi |
| ||||||||||||||||||||||
| grub2-i386-pc |
| ||||||||||||||||||||||
| grub2-powerpc-ieee1275 |
| ||||||||||||||||||||||
| grub2-s390x-emu |
| ||||||||||||||||||||||
| grub2-snapper-plugin |
| ||||||||||||||||||||||
| grub2-systemd-sleep-plugin |
| ||||||||||||||||||||||
| grub2-x86_64-efi |
| ||||||||||||||||||||||
| grub2-x86_64-xen |
|
References