vulnerability

SUSE: CVE-2024-45775: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:M/Au:M/C:P/I:P/A:C)	May 30, 2025	Dec 5, 2025	Dec 5, 2025

Severity

CVSS

(AV:L/AC:M/Au:M/C:P/I:P/A:C)

Published

May 30, 2025

Added

Dec 5, 2025

Modified

Dec 5, 2025

Description

A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.

Solutions

suse-upgrade-grub2suse-upgrade-grub2-arm64-efisuse-upgrade-grub2-arm64-efi-debugsuse-upgrade-grub2-arm64-efi-extrassuse-upgrade-grub2-branding-upstreamsuse-upgrade-grub2-commonsuse-upgrade-grub2-i386-pcsuse-upgrade-grub2-i386-pc-debugsuse-upgrade-grub2-i386-pc-extrassuse-upgrade-grub2-i386-xen-debugsuse-upgrade-grub2-powerpc-ieee1275suse-upgrade-grub2-powerpc-ieee1275-debugsuse-upgrade-grub2-powerpc-ieee1275-extrassuse-upgrade-grub2-s390x-emususe-upgrade-grub2-s390x-emu-debugsuse-upgrade-grub2-s390x-emu-extrassuse-upgrade-grub2-snapper-pluginsuse-upgrade-grub2-systemd-sleep-pluginsuse-upgrade-grub2-x86_64-efisuse-upgrade-grub2-x86_64-efi-debugsuse-upgrade-grub2-x86_64-efi-extrassuse-upgrade-grub2-x86_64-xensuse-upgrade-grub2-x86_64-xen-debugsuse-upgrade-grub2-x86_64-xen-extras

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today