CVE-2024-56738

Опубликовано: 03 сент. 2025

Источник: msrc

CVSS3: 6.7

EPSS Низкий

Описание

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

EPSS

Процентиль: 32%

0.00166

Низкий

6.7 Medium

CVSS3

CVE-2024-56738

CVSS3: 5.3

ubuntu

11 месяцев назад

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

CVE-2024-56738

CVSS3: 6.5

redhat

11 месяцев назад

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

CVE-2024-56738

CVSS3: 5.3

nvd

11 месяцев назад

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

CVE-2024-56738

CVSS3: 5.3

debian

11 месяцев назад

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorit ...

SUSE-SU-2025:02813-1

suse-cvrf

3 месяца назад

Recommended update for grub2

EPSS

Процентиль: 32%

0.00166

Низкий

6.7 Medium

CVSS3