CVE Alert: CVE-2025-0686
Vulnerability Summary: CVE-2025-0686
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub’s romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub’s internal critical data and can result in arbitrary code execution by-passing secure boot protections.
Affected Endpoints:
No affected endpoints listed.
Published Date:
3/3/2025, 6:15:30 PM
⚠️ CVSS Score:
Exploit Status:
Not ExploitedReferences:
- https://access.redhat.com/security/cve/CVE-2025-0686
- https://bugzilla.redhat.com/show_bug.cgi?id=2346121
Recommended Action:
No proposed action available. Please refer to vendor documentation for updates.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
