Red Hat Enterprise Linux
cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*
- >= 9, < 9.6
A use-after-free vulnerability has been identified in the Grub2 bootloader, specifically in the command/gpg module. The root cause is that hooks registered by a loaded module are not always removed when that module is unloaded, so the hook table retains function pointers into memory that has already been freed. An attacker who can cause the module to be unloaded and then trigger the code path that runs the hooks can make Grub2 call into freed memory, producing a use-after-free condition. Successful exploitation could allow arbitrary code execution in the bootloader context, potentially enabling the attacker to bypass Secure Boot protections. This vulnerability affects the grub2 package in Red Hat Enterprise Linux 9.
Exploitation could lead to arbitrary code execution before the operating system loads, allowing an attacker to bypass Secure Boot protections and tamper with the boot chain.
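The bug class described above, shown as an added illustrative example that is not GRUB's code: a small C model of a module/hook registry in which unloading a module without unregistering its hooks leaves a dangling entry that the next hook invocation would dereference. The names register_hook, unregister_hooks_of, unload_buggy, unload_fixed and scenario are assumptions for the illustration, and the registry simulates module liveness with a flag rather than freeing real memory so that the dangling case is counted instead of triggering undefined behaviour.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative model of a bootloader-style module/hook registry.
 * Added example, not GRUB source: names and structures are assumptions. */

#define MAX_HOOKS 8

struct module;
typedef int (*hook_fn)(struct module *owner, const char *arg);

struct module {
    const char *name;
    int loaded;   /* simulated liveness: 1 while the module's memory is valid */
    int calls;    /* module-owned state that the hook touches */
};

struct hook {
    struct module *owner;  /* module whose memory the hook dereferences */
    hook_fn fn;
};

static struct hook hooks[MAX_HOOKS];
static int nhooks;

/* A verification hook, standing in for a signature check: it reads and
 * writes state that lives inside the owning module. */
static int verify_hook(struct module *owner, const char *arg)
{
    owner->calls++;
    return strcmp(arg, "signed") == 0 ? 0 : -1;
}

int register_hook(struct module *owner, hook_fn fn)
{
    if (nhooks >= MAX_HOOKS)
        return -1;
    hooks[nhooks].owner = owner;
    hooks[nhooks].fn = fn;
    nhooks++;
    return 0;
}

/* Remove every hook entry that points into the given module. */
void unregister_hooks_of(struct module *owner)
{
    int i = 0;
    while (i < nhooks) {
        if (hooks[i].owner == owner) {
            hooks[i] = hooks[nhooks - 1];   /* swap-remove */
            nhooks--;
        } else {
            i++;
        }
    }
}

/* Buggy unload: the module's memory goes away, but its hook entry stays. */
void unload_buggy(struct module *m)
{
    m->loaded = 0;
}

/* Fixed unload: unregister the module's hooks before releasing it. */
void unload_fixed(struct module *m)
{
    unregister_hooks_of(m);
    m->loaded = 0;
}

/* Run all hooks. Returns how many entries point at an unloaded module;
 * in real code each of those would be a use-after-free, here they are
 * skipped so the simulation stays well defined. */
int run_hooks(const char *arg)
{
    int dangling = 0;
    for (int i = 0; i < nhooks; i++) {
        if (!hooks[i].owner->loaded) {
            dangling++;
            continue;
        }
        hooks[i].fn(hooks[i].owner, arg);
    }
    return dangling;
}

int hook_count(void)
{
    return nhooks;
}

/* Load a module, register its hook, unload it with the given unloader,
 * then trigger the hooks again. Returns the number of dangling entries hit. */
int scenario(void (*unload)(struct module *))
{
    struct module gpg = { "gpg", 1, 0 };
    nhooks = 0;
    register_hook(&gpg, verify_hook);
    run_hooks("signed");      /* hook runs normally while the module is loaded */
    unload(&gpg);
    return run_hooks("signed");
}

int main(void)
{
    printf("buggy unload: %d dangling hook(s)\n", scenario(unload_buggy));  /* 1 */
    printf("fixed unload: %d dangling hook(s)\n", scenario(unload_fixed));  /* 0 */
    return 0;
}
```

The invariant the fix enforces is that a module's unload path must tear down every registration it made at load time; any hook, command or callback left behind is a pointer into memory the loader will reuse. When auditing similar loadable-module code, compare each registration call in the module's init routine against its fini routine and look for pairs without a matching removal.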
Users should apply the available grub2 update for Red Hat Enterprise Linux 9, as detailed in Red Hat Security Advisory RHSA-2025:6990, and reboot so that the updated bootloader is in use.