Home > Vulnerability Database > CVE-2025-61664

Mend.io Vulnerability Database

CVE-2025-61664

Good to know:

Date: November 18, 2025

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normal_exit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after the module has been removed, causing the system to improperly access a previously freed memory location. This leads to a system crash or possible impacts in data confidentiality and integrity.

Severity Score

4.9

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-61664

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2414685

Url: https://access.redhat.com/security/cve/CVE-2025-61664

Url: https://www.mend.io/vulnerability-database/CVE-2025-61664

Severity Score

4.9

Weakness Type (CWE)

Expired Pointer Dereference

CWE-825

CVSS v3.1

Base Score:	4.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-61664

Good to know:

Date: November 18, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?