GRUB2 Stack Overflow Vulnerability in BFS Filesystem Parser

Vulnerability

A stack overflow vulnerability has been identified in GRUB2 when reading a BFS (Breadth-First Search) filesystem. This flaw can be exploited by a crafted BFS filesystem, leading to an uncontrolled loop that causes GRUB2 to crash. The vulnerability arises from an integer overflow in the BFS parser, which can create an infinite loop or excessive resource consumption, destabilizing the system.

Impact

Exploitation of this vulnerability causes GRUB2 to crash, disrupting the boot process and potentially leading to a denial-of-service condition.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 2.8
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.