GRUB2 Out-of-Bounds Write Vulnerability in gettext Translation Buffer Handling

Vulnerability

GRUB2 contains an integer overflow in the translation buffer calculation performed when reading a language .mo file, which can lead to an out-of-bounds write. An attacker can use this flaw to overwrite sensitive heap data in GRUB2, potentially bypassing Secure Boot protections.
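The class of bug described above, as an added C example that is not GRUB2 source code: a length taken from a .mo string descriptor is used to size a buffer, shown once with unchecked 32-bit arithmetic and once with bounds and overflow checks. The names `mo_desc`, `unchecked_alloc_size` and `mo_copy_string` are hypothetical, and the assumption that the overflow is a "length plus terminator" sum is ours, not the advisory's.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical descriptor: a .mo string table entry is a 32-bit length and a
   32-bit file offset, both read from the file and therefore untrusted. */
struct mo_desc { uint32_t length; uint32_t offset; };

/* Unsafe sizing, shown for the arithmetic only: for length == UINT32_MAX the
   32-bit sum wraps to 0, so a later copy of `length` bytes overruns the heap. */
static uint32_t unchecked_alloc_size(uint32_t length)
{
    return length + 1;
}

/* Hardened copy: returns a NUL-terminated heap copy of the string, or NULL if
   the descriptor points outside the file or the size cannot be represented. */
static char *mo_copy_string(const uint8_t *file, size_t file_size,
                            struct mo_desc d)
{
    size_t alloc;
    char *buf;

    /* Bounds check written so that it cannot itself overflow. */
    if (d.offset > file_size || d.length > file_size - d.offset)
        return NULL;
    /* Checked addition for the terminator (matters where size_t is 32-bit). */
    if (__builtin_add_overflow((size_t)d.length, (size_t)1, &alloc))
        return NULL;
    buf = malloc(alloc);
    if (buf == NULL)
        return NULL;
    memcpy(buf, file + d.offset, d.length);
    buf[d.length] = '\0';
    return buf;
}

int main(void)
{
    const uint8_t file[] = "helloworld";          /* constructed sample data */
    struct mo_desc ok = { 5, 5 }, bad = { UINT32_MAX, 0 };
    char *s = mo_copy_string(file, 10, ok);
    printf("unchecked size: %u\n", (unsigned)unchecked_alloc_size(bad.length));
    printf("valid: %s, malformed rejected: %d\n", s ? s : "(null)",
           mo_copy_string(file, 10, bad) == NULL);
    free(s);
    return 0;
}
```

Validating the descriptor against the file size before any allocation rejects the malformed entry even on platforms where the size arithmetic itself cannot wrap.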

Impact

An attacker who exploits this vulnerability could manipulate GRUB2's heap memory, and the resulting memory corruption could be used to bypass Secure Boot.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 3.3
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.