grub2-ppc64le (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package grub2-ppc64le, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2022-2601 — CVSS 8.6 (high): A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the…
CVE-2025-61662 — CVSS 7.8 (high): A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext…
CVE-2025-0624 — CVSS 7.6 (high): A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user…
CVE-2023-4692 — CVSS 7.5 (high): An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted…
CVE-2022-3775 — CVSS 7.1 (high): When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained…
CVE-2023-4693 — CVSS 5.3 (medium): An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a…
CVE-2024-1048 — CVSS 3.3 (low): A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary…
CVE-2021-3981 — CVSS 3.3 (low): A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non…