CVE-2025-1118

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-1118

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-1118.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-1118

Downstream

AZL-56904

AZL-57025

BELL-CVE-2025-1118

CLSA-2025-1742805183

CLSA-2025-1744213211

CLSA-2025-1744222859

CLSA-2025-1744628858

CLSA-2025-1744717794

CLSA-2025-1744724536

DEBIAN-CVE-2025-1118

OESA-2025-1216

OESA-2025-1217

OESA-2025-1218

OESA-2025-1291

OESA-2025-1292

RHSA-2025:16154

RLSA-2025:16154

SUSE-SU-2025:01961-1

SUSE-SU-2025:0586-1

SUSE-SU-2025:0587-1

SUSE-SU-2025:0588-1

SUSE-SU-2025:0607-1

SUSE-SU-2025:0629-1

SUSE-SU-2025:20511-1

SUSE-SU-2025:20863-1

UBUNTU-CVE-2025-1118

openSUSE-SU-2025:14822-1

Related

Withdrawn

2026-01-27T04:19:55.109648Z

Published

2025-02-19T18:15:24Z

Modified

2026-03-11T07:49:41.794547556Z

Summary

[none]

Details

A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.

References

Affected packages