GNU GRUB Use-After-Free Vulnerability Leading to Denial-of-Service

Vulnerability

A use-after-free vulnerability has been identified in GNU GRUB. This issue arises because the file-closing process improperly manages memory pointers, leaving an invalid reference to a file system structure. An attacker could exploit this flaw to cause GRUB to crash, resulting in a denial-of-service condition. There are also potential concerns regarding data integrity or confidentiality.

Impact

Exploitation of this vulnerability can cause GRUB to crash, leading to a denial-of-service condition. However, according to Red Hat, this vulnerability could also allow an attacker to execute unauthorized code or commands.

Remediation

Users can refer to the Red Hat Security Advisory for guidance on addressing this vulnerability.

Added: Nov 18, 2025, 7:24 PM
Updated: Nov 18, 2025, 10:23 PM

Vulnerability Rating

Custom Algorithm
spread: 8.4
impact: 2.5
exploitability: 4.7
remediation: 7.7
relevance: 1.1
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.