CVE-2024-45779

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.

CVSS v3 6.0 MEDIUM

6.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2024-45779	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2345854	Issue Tracking
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html	Mailing List

Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-03-03 15:15

Updated : 2025-03-25 05:15

NVD link : CVE-2024-45779

Mitre link : CVE-2024-45779

CVE.ORG link : CVE-2024-45779

JSON object : View

Products Affected

gnu

grub2

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2024-45779", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.8}]}, "published": "2025-03-03T15:15:14.660", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2024-45779", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345854", "tags": ["Issue Tracking"], "source": "[email protected]"}, {"url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "tags": ["Mailing List"], "source": "[email protected]"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de desbordamiento de enteros en el controlador del sistema de archivos BFS en grub2. Al leer un archivo con un mapa de extensi\u00f3n indirecto, grub2 no puede validar la cantidad de entradas de extensi\u00f3n que se leer\u00e1n. Un sistema de archivos BFS manipulado o da\u00f1ado puede causar un desbordamiento de enteros durante la lectura del archivo, lo que genera una gran cantidad de lecturas de los l\u00edmites. Como consecuencia, se pueden filtrar datos confidenciales o grub2 puede fallar."}], "lastModified": "2025-03-25T05:15:39.697", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6ECC2401-511C-4A2E-878F-C7053FA3ABB1", "versionEndIncluding": "2.12"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}