grub2 (SUSE:Manager Server 4.3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Server 4.3 package grub2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (22)
CVE-2024-56737 — CVSS 8.8 (high): GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.
CVE-2025-1125 — CVSS 7.8 (high): When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to…
CVE-2025-0689 — CVSS 7.8 (high): When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal…
CVE-2024-45782 — CVSS 7.8 (high): A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy()…
CVE-2025-0678 — CVSS 7.8 (high): A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the…
CVE-2025-0624 — CVSS 7.6 (high): A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user…
CVE-2024-45774 — CVSS 6.7 (medium): A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal…
CVE-2024-45776 — CVSS 6.7 (medium): When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A…
CVE-2024-45777 — CVSS 6.7 (medium): A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position()…
CVE-2024-45780 — CVSS 6.7 (medium): A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly…
CVE-2024-45781 — CVSS 6.7 (medium): A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an…
CVE-2025-0622 — CVSS 6.4 (medium): A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded…
CVE-2025-0677 — CVSS 6.4 (medium): A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal…
CVE-2025-0684 — CVSS 6.4 (medium): A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled…
CVE-2025-0685 — CVSS 6.4 (medium): A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the…
CVE-2025-0686 — CVSS 6.4 (medium): A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled…
CVE-2025-0690 — CVSS 6.1 (medium): The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is…
CVE-2024-45779 — CVSS 6.0 (medium): An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to…
CVE-2024-45775 — CVSS 5.2 (medium): A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's…
CVE-2025-1118 — CVSS 4.4 (medium): A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory…
CVE-2024-45783 — CVSS 4.4 (medium): A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This…
CVE-2024-45778 — CVSS 4.1 (medium): A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to…