openEuler 22.03 LTS SP4 update for grub2



Risk: Low
Patch available: Yes
Number of vulnerabilities: 9
CVE-ID: CVE-2024-45774, CVE-2024-45778, CVE-2024-45779, CVE-2024-45780, CVE-2024-56737, CVE-2025-0622, CVE-2025-0624, CVE-2025-0677, CVE-2025-1125
CWE-ID: CWE-787, CWE-190, CWE-122, CWE-416
Exploitation vector: Local
Public exploit: N/A
Vulnerable software

openEuler (Operating systems & Components / Operating system)

Packages (Operating systems & Components / Operating system package or component): grub2-tools-efi, grub2-pc, grub2-efi-x64-cdboot, grub2-efi-x64, grub2-efi-ia32-cdboot, grub2-efi-ia32, grub2-pc-modules, grub2-help, grub2-efi-x64-modules, grub2-efi-ia32-modules, grub2-efi-aa64-modules, grub2-common, grub2-tools-minimal, grub2-tools-extra, grub2-tools, grub2-efi-aa64-cdboot, grub2-efi-aa64, grub2-debugsource, grub2-debuginfo, grub2

Vendor: openEuler

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Out-of-bounds write

EUVDB-ID: #VU104065

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45774

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when parsing JPEG files. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Integer overflow

EUVDB-ID: #VU104069

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45778

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an integer overflow when reading a BFS filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Integer overflow

EUVDB-ID: #VU104070

Risk: Low

CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45779

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to an integer overflow within the BFS filesystem driver. A local user can trigger an integer overflow and corrupt data.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Integer overflow

EUVDB-ID: #VU104072

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45780

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an integer overflow when handling tar files. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Heap-based buffer overflow

EUVDB-ID: #VU104091

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56737

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in fs/hfs.c when reading sblock data from an HFS filesystem. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU104079

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-0622

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by hooks not being removed when the related module is unloaded. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU104080

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-0624

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the grub_net_search_config_file() function. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Integer overflow

EUVDB-ID: #VU104081

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-0677

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an integer overflow when performing a symlink lookup within the grub_ufs_lookup_symlink() function in the UFS filesystem driver. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Integer overflow

EUVDB-ID: #VU104089

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-1125

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an integer overflow within the hfsplus_open_compressed_real() function when reading data from an HFS filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from the vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

grub2-tools-efi: before 2.06-51

grub2-pc: before 2.06-51

grub2-efi-x64-cdboot: before 2.06-51

grub2-efi-x64: before 2.06-51

grub2-efi-ia32-cdboot: before 2.06-51

grub2-efi-ia32: before 2.06-51

grub2-pc-modules: before 2.06-51

grub2-help: before 2.06-51

grub2-efi-x64-modules: before 2.06-51

grub2-efi-ia32-modules: before 2.06-51

grub2-efi-aa64-modules: before 2.06-51

grub2-common: before 2.06-51

grub2-tools-minimal: before 2.06-51

grub2-tools-extra: before 2.06-51

grub2-tools: before 2.06-51

grub2-efi-aa64-cdboot: before 2.06-51

grub2-efi-aa64: before 2.06-51

grub2-debugsource: before 2.06-51

grub2-debuginfo: before 2.06-51

grub2: before 2.06-51

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1233

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
