CVE-2024-45775

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-45775

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45775.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-45775

Downstream

BELL-CVE-2024-45775

DEBIAN-CVE-2024-45775

OESA-2025-1216

OESA-2025-1217

OESA-2025-1218

OESA-2025-1291

OESA-2025-1292

RHSA-2025:6990

RLSA-2025:6990

SUSE-SU-2025:01961-1

SUSE-SU-2025:0586-1

SUSE-SU-2025:0587-1

SUSE-SU-2025:0588-1

SUSE-SU-2025:0607-1

SUSE-SU-2025:0629-1

SUSE-SU-2025:20511-1

SUSE-SU-2025:20863-1

UBUNTU-CVE-2024-45775

openSUSE-SU-2025:14822-1

Related

Withdrawn

2026-01-27T04:19:42.433691Z

Published

2025-02-18T20:15:19Z

Modified

2026-03-11T07:53:29.238868246Z

Summary

[none]

Details

A flaw was found in grub2 where the grubextcmddispatcher() function calls grubarglistalloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.

References

Affected packages