CVE-2025-61662

EUVD-2025-198071
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
gnugrub2
𝑥
≤ 2.14
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
grub2
bookworm
no-dsa
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
2.14-2
fixed
sid
2.14-2
fixed
trixie
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
grub2
bionic
not-affected
focal
not-affected
jammy
not-affected
noble
not-affected
plucky
not-affected
questing
not-affected
resolute
not-affected
trusty
ignored
xenial
not-affected
grub2-unsigned
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
resolute
needs-triage
xenial
needs-triage
grub2-signed
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
resolute
needs-triage
trusty
ignored
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
grub2
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-arm64-efi
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-i386-pc
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-powerpc-ieee1275
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-s390x-emu
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-snapper-plugin
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-systemd-sleep-plugin
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-x86_64-efi
suse enterprise desktop 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise desktop 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise sap 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise sap 15 SP7
2.12-150700.19.19.1
fixed
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
suse enterprise server 15 SP6
2.12-150600.8.44.2
fixed
suse enterprise server 15 SP7
2.12-150700.19.19.1
fixed
grub2-x86_64-xen
suse enterprise server 12 SP3
2.02-156.1
fixed
suse enterprise server 15 SP4
2.06-150400.11.66.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
grub2-common
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-aa64
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-aa64-cdboot
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-aa64-modules
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-ia32
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
grub2-efi-ia32-cdboot
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
grub2-efi-ia32-modules
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
grub2-efi-x64
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-x64-cdboot
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-efi-x64-modules
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-pc
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-pc-modules
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-ppc64le
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-ppc64le-modules
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-tools
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-tools-efi
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-tools-extra
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
grub2-tools-minimal
RHEL 8
1:2.02-170.el8_10.1
fixed
RHEL 8.2 AUS
1:2.02-87.el8_2.14
fixed
RHEL 8.4 AUS
1:2.02-99.el8_4.13
fixed
RHEL 8.6 AUS
1:2.02-123.el8_6.19
fixed
RHEL 8.6 E4S
1:2.02-123.el8_6.19
fixed
RHEL 8.6 TUS
1:2.02-123.el8_6.19
fixed
RHEL 8.8 E4S
1:2.02-152.el8_8.3
fixed
RHEL 8.8 TUS
1:2.02-152.el8_8.3
fixed
RHEL 9
1:2.06-114.el9_7.1
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2026:10097
https://access.redhat.com/errata/RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:17596
https://access.redhat.com/errata/RHSA-2026:4648
https://access.redhat.com/errata/RHSA-2026:4649
https://access.redhat.com/errata/RHSA-2026:4652
https://access.redhat.com/errata/RHSA-2026:4653
https://access.redhat.com/errata/RHSA-2026:4654
https://access.redhat.com/errata/RHSA-2026:4760
https://access.redhat.com/errata/RHSA-2026:4822
https://access.redhat.com/errata/RHSA-2026:4823
https://access.redhat.com/errata/RHSA-2026:4830
https://access.redhat.com/errata/RHSA-2026:4900
https://access.redhat.com/errata/RHSA-2026:4998
https://access.redhat.com/errata/RHSA-2026:5074
https://access.redhat.com/errata/RHSA-2026:5127
https://access.redhat.com/errata/RHSA-2026:5233
https://access.redhat.com/errata/RHSA-2026:6492
https://access.redhat.com/errata/RHSA-2026:7239
https://access.redhat.com/errata/RHSA-2026:7243
https://access.redhat.com/security/cve/CVE-2025-61662
https://bugzilla.redhat.com/show_bug.cgi?id=2414683
https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html
http://www.openwall.com/lists/oss-security/2025/11/18/5