CVE-2025-0622

EUVD-2025-4773
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered them has been unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 6.4 MEDIUM | LOCAL | HIGH | HIGH | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |

Awaiting analysis
This vulnerability is currently awaiting analysis.
EPSS Score percentile: Unknown
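Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| grub2 | bookworm | 2.06-13+deb12u2 | fixed |
| grub2 | bookworm (security) | | vulnerable |
| grub2 | bullseye | | vulnerable |
| grub2 | bullseye (security) | | vulnerable |
| grub2 | forky | 2.14-2 | fixed |
| grub2 | sid | 2.14-2 | fixed |
| grub2 | trixie | 2.12-9+deb13u2 | fixed |
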
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| grub2 | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2 | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2 | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2 | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2 | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2 | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2 | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2 | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2 | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2 | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2 | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-arm64-efi | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-arm64-efi | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-arm64-efi | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-arm64-efi | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-arm64-efi | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-arm64-efi | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-arm64-efi | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-arm64-efi | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-arm64-efi | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-arm64-efi | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-i386-pc | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-i386-pc | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-i386-pc | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-i386-pc | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-i386-pc | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2-i386-pc | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-i386-pc | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-i386-pc | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-i386-pc | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-i386-pc | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-i386-pc | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-powerpc-ieee1275 | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-s390x-emu | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-s390x-emu | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-s390x-emu | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-s390x-emu | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-s390x-emu | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-s390x-emu | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-s390x-emu | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-s390x-emu | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-s390x-emu | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-s390x-emu | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-snapper-plugin | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-snapper-plugin | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-snapper-plugin | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-snapper-plugin | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-snapper-plugin | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2-snapper-plugin | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-snapper-plugin | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-snapper-plugin | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-snapper-plugin | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-snapper-plugin | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-snapper-plugin | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-systemd-sleep-plugin | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-x86_64-efi | suse enterprise desktop 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-x86_64-efi | suse enterprise desktop 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-x86_64-efi | suse enterprise sap 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-x86_64-efi | suse enterprise sap 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-x86_64-efi | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2-x86_64-efi | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-x86_64-efi | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-x86_64-efi | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-x86_64-efi | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |
| grub2-x86_64-efi | suse enterprise server 15 SP6 | 2.12-150600.8.18.2 | fixed |
| grub2-x86_64-efi | suse enterprise server 15 SP7 | 2.12-150700.17.4 | fixed |
| grub2-x86_64-xen | suse enterprise server 12 SP3 | 2.02-150.1 | fixed |
| grub2-x86_64-xen | suse enterprise server 12 SP5 | 2.02-181.2 | fixed |
| grub2-x86_64-xen | suse enterprise server 15 SP3 | 2.04-150300.22.52.3 | fixed |
| grub2-x86_64-xen | suse enterprise server 15 SP4 | 2.06-150400.11.55.2 | fixed |
| grub2-x86_64-xen | suse enterprise server 15 SP5 | 2.06-150500.29.43.2 | fixed |

Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| grub2-common | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-aa64 | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-aa64-cdboot | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-aa64-modules | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-x64 | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-x64-cdboot | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-efi-x64-modules | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-pc | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-pc-modules | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-ppc64le | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-ppc64le-modules | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-tools | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-tools-efi | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-tools-extra | RHEL 9 | 1:2.06-104.el9_6 | fixed |
| grub2-tools-minimal | RHEL 9 | 1:2.06-104.el9_6 | fixed |