CVE-2025-1125

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-1125

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-1125.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-1125

Related

Published

2025-03-03T15:15:16Z

Modified

2025-03-05T22:50:45.893628Z

Summary

[none]

Details

When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grubmalloc() operation with a smaller size than expected. As a result the hfsplusopencompressedreal() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections.

References

Affected packages

Debian:11 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.04-20

2.06-1

2.06-2

2.06-2+hurd.1

2.06-2+hurd.2

2.06-2+hurd.3

2.06-2+hurd.4

2.06-2+hurd.5

2.06-2+hurd.6

2.06-2+hurd.7

2.06-2+hurd.8

2.06-3~deb10u1

2.06-3~deb10u2

2.06-3~deb10u3

2.06-3~deb10u4

2.06-3~deb11u1

2.06-3~deb11u2

2.06-3~deb11u4

2.06-3~deb11u5

2.06-3~deb11u6

2.06-3

2.06-4

2.06-4+hurd.1

2.06-5

2.06-6

2.06-7

2.06-8

2.06-8+hurd.1

2.06-8.1

2.06-9

2.06-10

2.06-11

2.06-12

2.06-13

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.06-13

2.06-13+deb12u1

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / grub2

Package

Name: grub2
Purl: pkg:deb/debian/grub2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.06-13

2.06-13+deb13u1

2.06-13+hurd.1

2.06-13+hurd.2

2.06-14

2.12~rc1-1

2.12~rc1-2

2.12~rc1-3

2.12~rc1-6

2.12~rc1-7

2.12~rc1-8

2.12~rc1-9

2.12~rc1-10

2.12~rc1-11

2.12~rc1-12

2.12~rc1-13

2.12-1~bpo12+1

2.12-1

2.12-1.1

2.12-2~deb13u1

2.12-2

2.12-3

2.12-4

2.12-5

2.12-5+hurd.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}