CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2024-45780
https://bugzilla.redhat.com/show_bug.cgi?id=2345856
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

Configurations

No configuration.

History

05 Mar 2025, 21:15

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla en grub2. Al leer archivos tar, grub2 asigna un búfer interno para el nombre del archivo. Sin embargo, no verifica correctamente la asignación contra posibles desbordamientos de números enteros. Es posible provocar que la longitud de la asignación se desborde con un archivo tar manipulado, lo que lleva a una escritura fuera de los límites en el montón. Esta falla finalmente permite a un atacante eludir las protecciones de arranque seguro.
References		() https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html -

03 Mar 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-03 15:15

Updated : 2025-03-05 21:15

NVD link : CVE-2024-45780

Mitre link : CVE-2024-45780

CVE.ORG link : CVE-2024-45780

JSON object : View

Products Affected

No product.

CWE

CWE-787

Out-of-bounds Write

6.7 /10