Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-45778

Опубликовано: 18 фев. 2025
Источник: redhat
CVSS3: 4.1
EPSS Низкий

Описание

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

Отчет

Red Hat supported products are not affected by this vulnerability,as the grub2 versions as shipped with it does not include the BFS filesystem module.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10grub2Not affected
Red Hat Enterprise Linux 7grub2Not affected
Red Hat Enterprise Linux 8grub2Not affected
Red Hat Enterprise Linux 9grub2Not affected
Red Hat OpenShift Container Platform 4rhcosNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=2345640grub2: fs/bfs: Integer overflow in the BFS parser.

EPSS

Процентиль: 2%
0.00016
Низкий

4.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-45778

CVSS3: 4.1
ubuntu
6 месяцев назад

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

nvd логотип

CVE-2024-45778

CVSS3: 4.1
nvd
6 месяцев назад

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

debian логотип

CVE-2024-45778

CVSS3: 4.1
debian
6 месяцев назад

A stack overflow flaw was found when reading a BFS file system. A craf ...

github логотип

GHSA-vpmj-h28j-ffpp

CVSS3: 4.1
github
6 месяцев назад

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

fstec логотип

BDU:2025-07099

CVSS3: 5.5
fstec
7 месяцев назад

Уязвимость файловой системы BFS загрузчика операционных систем Grub2, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 2%
0.00016
Низкий

4.1 Medium

CVSS3