icon

We found results for “

CVE-2024-45779

Date: March 3, 2025

A flaw was found in grub2. There's an integer overflow in the BFS file system driver. When reading a file with indirect extent map grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause a integer overflow during the file reading, leading to a Heap Ouf-of-Bounds read. As consequence sensitive data may be leaked or the grub2 to crash.

Severity Score

Severity Score

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Out-of-bounds Read

CWE-125

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us