REDHAT-BUG-2345856: Integer Overflow
First published: Fri Feb 14 2025(Updated: )
When reading tar files, grub2 allocates an internal buffer for the file name however it fails to properly verify the allocation against possible Integer Overflows. It's possible to cause the allocation length to overflow with a crafted tar file leading to a head Out-of-bounds write, as consequence an attacker may leverage this to eventually circumvent secure boot protections.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU GRUB |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2345856?
The vulnerability REDHAT-BUG-2345856 is considered to have a high severity due to the potential for out-of-bounds writes in GRUB 2.
How do I fix REDHAT-BUG-2345856?
To fix REDHAT-BUG-2345856, you should update GRUB 2 to the latest version provided by your distribution that includes the patch.
What impact does REDHAT-BUG-2345856 have on my system?
The impact of REDHAT-BUG-2345856 may allow attackers to execute arbitrary code or crash the GRUB 2 bootloader.
Which versions of GRUB 2 are affected by REDHAT-BUG-2345856?
GRUB 2 versions prior to the patch addressing REDHAT-BUG-2345856 are vulnerable to this issue.
What is the exploit vector for REDHAT-BUG-2345856?
The exploit vector for REDHAT-BUG-2345856 involves using a crafted tar file that triggers integer overflow during file name allocation.
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-45780
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/source
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnu
- canonical/gnu grub