SB202502197186 - SUSE update for grub2 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB202502197186

SB202502197186 - SUSE update for grub2

Published: February 19, 2025

Security Bulletin ID SB202502197186
Severity
Low
Patch available
YES
Number of vulnerabilities 22
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 22 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2024-45774)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when parsing JPEG files. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.


2) Improper error handling (CVE-ID: CVE-2024-45775)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect handling of memory allocation failures within the grub_extcmd_dispatcher() function. A local user can perform a denial of service attack or corrupt the IVT data.


3) Integer overflow (CVE-ID: CVE-2024-45776)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_mofile_open() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


4) Integer overflow (CVE-ID: CVE-2024-45777)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_gettext_getstr_from_position() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


5) Integer overflow (CVE-ID: CVE-2024-45778)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading BFS filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


6) Integer overflow (CVE-ID: CVE-2024-45779)

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to integer overflow within the BFS filesystem driver. A local user can trigger an integer overflow and corrupt data.


7) Integer overflow (CVE-ID: CVE-2024-45780)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when handling tar files. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


8) Out-of-bounds write (CVE-ID: CVE-2024-45781)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when ready symbolic link name from a UFS filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code.


9) Out-of-bounds write (CVE-ID: CVE-2024-45782)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when reading a volume's name within the grub_fs_mount() function in HFS filesystem driver. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


10) NULL pointer dereference (CVE-ID: CVE-2024-45783)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when failing to mount a HFS+. A local user can perform a denial of service (DoS) attack.


11) Heap-based buffer overflow (CVE-ID: CVE-2024-56737)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the fs/hfs.c when reading sblock data from HFS filesystem. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.


12) Use-after-free (CVE-ID: CVE-2025-0622)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by not removing hooks when the related module is being unloaded. A local user can execute arbitrary code with elevated privileges.



13) Out-of-bounds write (CVE-ID: CVE-2025-0624)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the grub_net_search_config_file() function. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.


14) Integer overflow (CVE-ID: CVE-2025-0677)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when performing a symlink lookup within the grub_ufs_lookup_symlink() function in UFS filesystem driver. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


15) Integer overflow (CVE-ID: CVE-2025-0678)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in squash4 fs module. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


16) Out-of-bounds write (CVE-ID: CVE-2025-0684)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when performing a symlink lookup from a reiserfs filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


17) Integer overflow (CVE-ID: CVE-2025-0685)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading data from a jfs filesystem within the grub_jfs_lookup_symlink() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


18) Integer overflow (CVE-ID: CVE-2025-0686)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_romfs_read_symlink() function when performing a symlink lookup from a romfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


19) Heap-based buffer overflow (CVE-ID: CVE-2025-0689)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the grub_udf_read_block() function when reading data from disk. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.


20) Integer overflow (CVE-ID: CVE-2025-0690)

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading data from the keyboard input. An attacker with physical access to the system can trigger an integer overflow and execute arbitrary code with elevated privileges.


21) Security features bypass (CVE-ID: CVE-2025-1118)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the dump command is not blocked when grub is in lockdown mode. A local user can read any data from the system memory.


22) Integer overflow (CVE-ID: CVE-2025-1125)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the hfsplus_open_compressed_real() function when reading data from a hfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


Remediation

Install update from vendor's website.

References