| Bug | bullseye | bookworm | trixie | forky | sid | Description | 
|---|---|---|---|---|---|---|---|
| CVE-2025-4382 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | fixed | A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ... | 
| CVE-2025-1125 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | When reading data from a hfs filesystem, grub's hfs filesystem module  ... | 
| CVE-2025-1118 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. Grub's dump command is not blocked when gru ... | 
| CVE-2025-0690 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | The read command is used to read the keyboard input from the user, whi ... | 
| CVE-2025-0689 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | When reading data from disk, the grub's UDF filesystem module utilizes ... | 
| CVE-2025-0686 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When performing a symlink lookup from a rom ... | 
| CVE-2025-0685 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When reading data from a jfs filesystem, gr ... | 
| CVE-2025-0684 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When performing a symlink lookup from a rei ... | 
| CVE-2025-0678 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When reading data from a squash4 filesystem ... | 
| CVE-2025-0677 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When performing a symlink lookup, the grub' ... | 
| CVE-2025-0624 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. During the network boot process, when tryin ... | 
| CVE-2025-0622 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in command/gpg. In some scenarios, hooks created by l ... | 
| CVE-2024-56738 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorit ... | 
| CVE-2024-56737 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in  ... | 
| CVE-2024-45783 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When failing to mount an HFS+ grub, the hfs ... | 
| CVE-2024-45782 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in the HFS filesystem. When reading an HFS volume's n ... | 
| CVE-2024-45781 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When reading a symbolic link's name from a  ... | 
| CVE-2024-45780 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. When reading tar files, grub2 allocates an  ... | 
| CVE-2024-45779 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | An integer overflow flaw was found in the BFS file system driver in gr ... | 
| CVE-2024-45778 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A stack overflow flaw was found when reading a BFS file system. A craf ... | 
| CVE-2024-45777 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. The calculation of the translation buffer w ... | 
| CVE-2024-45776 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | When reading the language .mo file in grub_mofile_open(), grub2 fails  ... | 
| CVE-2024-45775 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2 where the grub_extcmd_dispatcher() function  ... | 
| CVE-2024-45774 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in grub2. A specially crafted JPEG file can cause the ... | 
| CVE-2021-3981 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A flaw in grub2 was found where its configuration file, known as grub. ... | 

| Bug | Description | 
|---|---|
| CVE-2024-49504 | grub2 allowed attackers with access to the grub shell to access files  ... | 
| CVE-2024-2312 | GRUB2 does not call the module fini functions on exit, leading to Debi ... | 
| CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the ... | 
| CVE-2023-4693 | An out-of-bounds read flaw was found on grub2's NTFS filesystem driver ... | 
| CVE-2023-4692 | An out-of-bounds write flaw was found in grub2's NTFS filesystem drive ... | 
| CVE-2023-4001 | An authentication bypass flaw was found in GRUB due to the way that GR ... | 
| CVE-2022-28736 | There's a use-after-free vulnerability in grub_cmd_chainloader() funct ... | 
| CVE-2022-28735 | The GRUB2's shim_lock verifier allows non-kernel files to be loaded on ... | 
| CVE-2022-28734 | Out-of-bounds write when handling split HTTP headers; When handling sp ... | 
| CVE-2022-28733 | Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP ... | 
| CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't pr ... | 
| CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). A maliciou ... | 
| CVE-2021-46705 | An Insecure Temporary File vulnerability in grub-once of grub2 in SUSE  ... | 
| CVE-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() ... | 
| CVE-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser ... | 
| CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data po ... | 
| CVE-2021-3696 | A heap out-of-bounds write may happen during the handling of Huffman t ... | 
| CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write ... | 
| CVE-2021-3418 | If certificates that signed grub are installed into db, grub can be bo ... | 
| CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem comman ... | 
| CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names pr ... | 
| CVE-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device ... | 
| CVE-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod impleme ... | 
| CVE-2020-15707 | Integer overflows were discovered in the functions grub_cmd_initrd and ... | 
| CVE-2020-15706 | GRUB2 contains a race condition in grub_script_function_create() leadi ... | 
| CVE-2020-15705 | GRUB2 fails to validate kernel signature when booted directly without  ... | 
| CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrec ... | 
| CVE-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlin ... | 
| CVE-2020-14310 | There is an issue on grub2 before version 2.06 at function read_sectio ... | 
| CVE-2020-14309 | There's an issue with grub2 in all versions before 2.06 when handling  ... | 
| CVE-2020-14308 | In grub2 versions before 2.06 the grub memory allocator doesn't check  ... | 
| CVE-2020-10713 | A flaw was found in grub2, prior to version 2.06. An attacker may use  ... | 
| CVE-2019-14865 | A flaw was found in the grub2-set-bootflag utility of grub2. A local a ... | 
| CVE-2017-9763 | The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ... | 
| CVE-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physicall ... | 
| CVE-2015-5281 | The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL)  ... | 
| CVE-2013-4577 | A certain Debian patch for GNU GRUB uses world-readable permissions fo ... | 
| CVE-2009-4128 | GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted ... |