vulnerability
Red Hat: CVE-2025-1118: grub2: commands/dump: The dump command is not in lockdown when secure boot is enabled (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:M/C:C/I:N/A:N) | Feb 19, 2025 | Jul 9, 2025 | Jan 27, 2026 |
Severity
4
CVSS
(AV:L/AC:L/Au:M/C:C/I:N/A:N)
Published
Feb 19, 2025
Added
Jul 9, 2025
Modified
Jan 27, 2026
Description
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-grub2-commonredhat-upgrade-grub2-debuginforedhat-upgrade-grub2-debugsourceredhat-upgrade-grub2-efi-aa64-modulesredhat-upgrade-grub2-efi-x64redhat-upgrade-grub2-efi-x64-cdbootredhat-upgrade-grub2-efi-x64-modulesredhat-upgrade-grub2-emu-debuginforedhat-upgrade-grub2-pcredhat-upgrade-grub2-pc-modulesredhat-upgrade-grub2-ppc64le-modulesredhat-upgrade-grub2-toolsredhat-upgrade-grub2-tools-debuginforedhat-upgrade-grub2-tools-efiredhat-upgrade-grub2-tools-efi-debuginforedhat-upgrade-grub2-tools-extraredhat-upgrade-grub2-tools-extra-debuginforedhat-upgrade-grub2-tools-minimalredhat-upgrade-grub2-tools-minimal-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.