PT-2025-6796 · Grub2+8

Published: 2025-02-18 · Updated: 2025-10-17 · CVE-2025-0622

CVSS v3.1: 6.4 (Medium)
Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Grub2 (affected versions not specified)

Description: A flaw was found in command/gpg, where hooks created by loaded modules are not removed when the related module is unloaded. This allows an attacker to force Grub2 to call the hooks after the module that registered them has been unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass Secure Boot protections.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Use After Free
Double Free

Related Identifiers

ALSA-2025:16154
ALSA-2025:6990
ALT-PU-2025-5587
ALT-PU-2025-6088
BDU:2025-11750
CVE-2025-0622
INFSA-2025_6990
OESA-2025-1216
OESA-2025-1217
OESA-2025-1218
OESA-2025-1232
OESA-2025-1233
OPENSUSE-SU-2025:14822-1
OPENSUSE-SU-2025_0586-1
OPENSUSE-SU-2025_0587-1
OPENSUSE-SU-2025_0588-1
OPENSUSE-SU-2025_0607-1
RHSA-2025:16154
RHSA-2025:6990
RHSA-2025_6990
SUSE-SU-2025:01961-1
SUSE-SU-2025:0586-1
SUSE-SU-2025:0587-1
SUSE-SU-2025:0588-1
SUSE-SU-2025:0607-1
SUSE-SU-2025:0629-1
SUSE-SU-2025:20511-1
SUSE-SU-2025:20863-1
SUSE-SU-2025_0586-1
SUSE-SU-2025_0587-1
SUSE-SU-2025_0588-1
SUSE-SU-2025_0607-1
SUSE-SU-2025_0629-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Grub2
Red Hat
Red Os
Rocky Linux
Suse