CVE-2025-61664

CVSS v3.1

4.9

Medium

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions GRUB2 (affected versions not specified)

Description A memory Use After Free issue exists in the GRUB2 bootloader's normal module. The problem arises because the normal exit command is not correctly unregistered when its associated module is unloaded. An attacker can trigger this by calling the command after the module has been removed, resulting in improper access to freed memory. This can cause a system crash and potentially compromise data confidentiality and integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-825

Related Identifiers

AZL-70529

AZL-70571

BDU:2025-14784

CVE-2025-61664

OESA-2025-2735

OESA-2025-2736

OESA-2025-2737

OESA-2025-2738

OESA-2025-2739

OPENSUSE-SU-2025:15749-1

OPENSUSE-SU-2025:20163-1

SUSE-SU-2025:21062-1

SUSE-SU-2025:21212-1

SUSE-SU-2025:21223-1

SUSE-SU-2025:4143-1

SUSE-SU-2025:4152-1

SUSE-SU-2025:4196-1

SUSE-SU-2025:4197-1

SUSE-SU-2025:4224-1

SUSE-SU-2025:4305-1

Affected Products

Debian

Grub2

Red Os

Suse

CVE-2025-61664

Weakness Enumeration

Related Identifiers

Affected Products

References · 86