PT-2025-7419 · Grub2+7

Published: 2025-02-18 · Updated: 2025-11-12 · CVE-2024-45777

CVSS v2.0: 6.8 (Medium)

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: grub2 (affected versions not specified)

Description: A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to an out-of-bounds write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Memory Corruption

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2025:20532
ALT-PU-2025-5587
ALT-PU-2025-6088
AZL-56901
AZL-56992
BDU:2025-07120
CVE-2024-45777
INFSA-2025_20532
OESA-2025-1216
OESA-2025-1217
OESA-2025-1218
OESA-2025-1291
OESA-2025-1292
OPENSUSE-SU-2025:14822-1
OPENSUSE-SU-2025_0586-1
OPENSUSE-SU-2025_0587-1
OPENSUSE-SU-2025_0588-1
OPENSUSE-SU-2025_0607-1
RHSA-2025:20532
RHSA-2025_20532
SUSE-SU-2025:01961-1
SUSE-SU-2025:0586-1
SUSE-SU-2025:0587-1
SUSE-SU-2025:0588-1
SUSE-SU-2025:0607-1
SUSE-SU-2025:0629-1
SUSE-SU-2025:20511-1
SUSE-SU-2025:20863-1
SUSE-SU-2025_0586-1
SUSE-SU-2025_0587-1
SUSE-SU-2025_0588-1
SUSE-SU-2025_0607-1
SUSE-SU-2025_0629-1

Affected Products

Alt Linux
Almalinux
Debian
Red Hat
Red Os
Rocky Linux
Suse
Grub2