CVE-2025-0677

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-0677

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-0677.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-0677

Related

Published

2025-02-19T19:15:15Z

Modified

2025-02-19T19:47:20.035257Z

Severity

6.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grubmalloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grubufslookupsymlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms.

References

Affected packages

Debian:11 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.04-20

2.06-1

2.06-2

2.06-2+hurd.1

2.06-2+hurd.2

2.06-2+hurd.3

2.06-2+hurd.4

2.06-2+hurd.5

2.06-2+hurd.6

2.06-2+hurd.7

2.06-2+hurd.8

2.06-3~deb10u1

2.06-3~deb10u2

2.06-3~deb10u3

2.06-3~deb10u4

2.06-3~deb11u1

2.06-3~deb11u2

2.06-3~deb11u4

2.06-3~deb11u5

2.06-3~deb11u6

2.06-3

2.06-4

2.06-4+hurd.1

2.06-5

2.06-6

2.06-7

2.06-8

2.06-8+hurd.1

2.06-8.1

2.06-9

2.06-10

2.06-11

2.06-12

2.06-13

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.06-13

2.06-13+deb12u1

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.06-13

2.06-13+deb13u1

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}