CVE-2025-1118

EUVD-2025-4667
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Debian logo
Debian Releases
Debian Product
Codename
grub2
bookworm
2.06-13+deb12u2
fixed
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
2.14-2
fixed
sid
2.14-2
fixed
trixie
2.12-9+deb13u2
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
grub2
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-arm64-efi
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-i386-pc
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-powerpc-ieee1275
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-s390x-emu
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-snapper-plugin
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-systemd-sleep-plugin
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-x86_64-efi
suse enterprise desktop 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.17.4
fixed
suse enterprise sap 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise sap 15 SP7
2.12-150700.17.4
fixed
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
suse enterprise server 15 SP6
2.12-150600.8.18.2
fixed
suse enterprise server 15 SP7
2.12-150700.17.4
fixed
grub2-x86_64-xen
suse enterprise server 12 SP3
2.02-150.1
fixed
suse enterprise server 12 SP5
2.02-181.2
fixed
suse enterprise server 15 SP3
2.04-150300.22.52.3
fixed
suse enterprise server 15 SP4
2.06-150400.11.55.2
fixed
suse enterprise server 15 SP5
2.06-150500.29.43.2
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2025:16154
https://access.redhat.com/security/cve/CVE-2025-1118
https://bugzilla.redhat.com/show_bug.cgi?id=2346137
https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html