| Bug | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2025-1125 | vulnerable | vulnerable | vulnerable | vulnerable | fs/hfs: Interger overflow may lead to heap based out-of-bounds write |
| CVE-2025-1118 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. Grub's dump command is not blocked when gru ... |
| CVE-2025-0690 | vulnerable | vulnerable | vulnerable | vulnerable | read: Integer overflow may lead to out-of-bounds write |
| CVE-2025-0689 | vulnerable | vulnerable | vulnerable | vulnerable | udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution |
| CVE-2025-0686 | vulnerable | vulnerable | vulnerable | vulnerable | romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data |
| CVE-2025-0685 | vulnerable | vulnerable | vulnerable | vulnerable | jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data |
| CVE-2025-0684 | vulnerable | vulnerable | vulnerable | vulnerable | reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data |
| CVE-2025-0678 | vulnerable | vulnerable | vulnerable | vulnerable | squash4: Integer overflow may lead to heap based out-of-bounds write when reading data |
| CVE-2025-0677 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. When performing a symlink lookup, the grub' ... |
| CVE-2025-0624 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. During the network boot process, when tryin ... |
| CVE-2025-0622 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in command/gpg. In some scenarios, hooks created by l ... |
| CVE-2024-56738 | vulnerable | vulnerable (no DSA) | vulnerable | vulnerable | GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorit ... |
| CVE-2024-56737 | vulnerable | vulnerable (no DSA) | vulnerable | vulnerable | GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in ... |
| CVE-2024-49504 | vulnerable | vulnerable | vulnerable | vulnerable | grub2 allowed attackers with access to the grub shell to access files ... |
| CVE-2024-45783 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. When failing to mount an HFS+ grub, the hfs ... |
| CVE-2024-45782 | vulnerable | vulnerable | vulnerable | vulnerable | fs/hfs: strcpy() using the volume name (fs/hfs.c:382) |
| CVE-2024-45781 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. When reading a symbolic link's name from a ... |
| CVE-2024-45780 | vulnerable | vulnerable | vulnerable | vulnerable | fs/tar: Integer Overflow causes Heap OOB Write |
| CVE-2024-45779 | vulnerable | vulnerable | vulnerable | vulnerable | fs/bfs: Integer overflow leads to Heap OOB Read (Write?) in the BFS parser |
| CVE-2024-45778 | vulnerable | vulnerable | vulnerable | vulnerable | fs/bfs: Integer overflow in the BFS parser |
| CVE-2024-45777 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. The calculation of the translation buffer w ... |
| CVE-2024-45776 | vulnerable | vulnerable | vulnerable | vulnerable | When reading the language .mo file in grub_mofile_open(), grub2 fails ... |
| CVE-2024-45775 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2 where the grub_extcmd_dispatcher() function ... |
| CVE-2024-45774 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in grub2. A specially crafted JPEG file can cause the ... |
| CVE-2021-3981 | vulnerable (no DSA) | fixed | fixed | fixed | A flaw in grub2 was found where its configuration file, known as grub. ... |
| Bug | Description |
|---|
| CVE-2024-2312 | GRUB2 does not call the module fini functions on exit, leading to Debi ... |
| CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the ... |
| CVE-2023-4693 | An out-of-bounds read flaw was found on grub2's NTFS filesystem driver ... |
| CVE-2023-4692 | An out-of-bounds write flaw was found in grub2's NTFS filesystem drive ... |
| CVE-2023-4001 | An authentication bypass flaw was found in GRUB due to the way that GR ... |
| CVE-2022-28736 | There's a use-after-free vulnerability in grub_cmd_chainloader() funct ... |
| CVE-2022-28735 | The GRUB2's shim_lock verifier allows non-kernel files to be loaded on ... |
| CVE-2022-28734 | Out-of-bounds write when handling split HTTP headers; When handling sp ... |
| CVE-2022-28733 | Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP ... |
| CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't pr ... |
| CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). A maliciou ... |
| CVE-2021-46705 | A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE ... |
| CVE-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() ... |
| CVE-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser ... |
| CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data po ... |
| CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman t ... |
| CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write ... |
| CVE-2021-3418 | If certificates that signed grub are installed into db, grub can be bo ... |
| CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem comman ... |
| CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names pr ... |
| CVE-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device ... |
| CVE-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod impleme ... |
| CVE-2020-15707 | Integer overflows were discovered in the functions grub_cmd_initrd and ... |
| CVE-2020-15706 | GRUB2 contains a race condition in grub_script_function_create() leadi ... |
| CVE-2020-15705 | GRUB2 fails to validate kernel signature when booted directly without ... |
| CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrec ... |
| CVE-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlin ... |
| CVE-2020-14310 | There is an issue on grub2 before version 2.06 at function read_sectio ... |
| CVE-2020-14309 | There's an issue with grub2 in all versions before 2.06 when handling ... |
| CVE-2020-14308 | In grub2 versions before 2.06 the grub memory allocator doesn't check ... |
| CVE-2020-10713 | A flaw was found in grub2, prior to version 2.06. An attacker may use ... |
| CVE-2019-14865 | A flaw was found in the grub2-set-bootflag utility of grub2. A local a ... |
| CVE-2017-9763 | The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ... |
| CVE-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physicall ... |
| CVE-2015-5281 | The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ... |
| CVE-2013-4577 | A certain Debian patch for GNU GRUB uses world-readable permissions fo ... |
| CVE-2009-4128 | GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted ... |