
Cloud Vulnerability DB
A community-led vulnerabilities database
A critical vulnerability (CVE-2024-45774) was discovered in GRUB2's JPEG parser. A specially crafted JPEG file causes the parser to check the bounds of its internal buffers incorrectly, resulting in an out-of-bounds write. The flaw was discovered in February 2025 and affects systems running GRUB2 (NVD, Red Hat CVE).
The vulnerability is classified as a heap out-of-bounds write (CWE-787) that occurs while processing JPEG files. Specifically, a JPEG file carrying an extra (duplicate) SOF0 marker leads the parser to apply incorrect bounds checks to its internal buffers. The vulnerability has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating that local access with high privileges is required and no user interaction is needed (NVD, GRUB Dev List).
The impact is severe: the out-of-bounds write could allow an attacker to overwrite sensitive information and bypass Secure Boot protections. The resulting memory corruption could compromise the integrity of the boot process (Red Hat CVE, GRUB Dev List).
The vulnerability has been addressed in the GRUB2 codebase with patches that reject JPEG files containing duplicate SOF0 markers. Updated GRUB2 packages containing these fixes are being distributed by vendors. Users are advised to apply the latest security updates as they become available from their respective distribution vendors (GRUB Dev List).
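The duplicate-SOF0 condition described above, shown as an added example that is not GRUB2's own code: a marker walker that counts SOF0 frame headers in a JPEG header and accepts the file only when exactly one is present, treating truncated segments and a missing SOS as malformed. The two sample byte strings are constructed here for illustration and are not real image data.

```c
#include <stddef.h>
#include <stdint.h>

/* Walk the marker segments of a JPEG header (everything before SOS) and
 * return how many SOF0 (FF C0) frame headers occur, or -1 if the marker
 * stream is malformed. Baseline JPEG allows exactly one frame header, so a
 * second SOF0 is the condition a hardened loader must reject. Only markers
 * that carry a length field are expected before SOS. */
int count_sof0_markers(const uint8_t *buf, size_t len)
{
    if (len < 2 || buf[0] != 0xFF || buf[1] != 0xD8)   /* SOI required */
        return -1;
    size_t pos = 2;
    int sof0 = 0;
    while (pos + 4 <= len) {
        if (buf[pos] != 0xFF)
            return -1;                                  /* not a marker */
        uint8_t marker = buf[pos + 1];
        if (marker == 0xDA)                             /* SOS: header done */
            return sof0;
        /* Big-endian segment length; it counts its own two bytes. */
        size_t seglen = ((size_t)buf[pos + 2] << 8) | buf[pos + 3];
        if (seglen < 2 || seglen - 2 > len - (pos + 4))
            return -1;                                  /* runs past buffer */
        if (marker == 0xC0)
            sof0++;
        pos += 2 + seglen;
    }
    return -1;                                          /* SOS never reached */
}

/* Accept the header only when it carries exactly one SOF0 segment. */
int jpeg_header_is_acceptable(const uint8_t *buf, size_t len)
{
    return count_sof0_markers(buf, len) == 1;
}

/* Constructed sample headers (not real image data): SOI, APP0, SOF0, SOS,
 * and the same sequence with the SOF0 segment repeated. */
static const uint8_t SAMPLE_ONE_SOF0[] = {
    0xFF, 0xD8, 0xFF, 0xE0, 0x00, 0x04, 0x4A, 0x46,
    0xFF, 0xC0, 0x00, 0x0B, 0x08, 0x00, 0x08, 0x00, 0x08, 0x01, 0x01, 0x11, 0x00,
    0xFF, 0xDA, 0x00, 0x08, 0x01, 0x01, 0x00, 0x00, 0x3F, 0x00 };
static const uint8_t SAMPLE_TWO_SOF0[] = {
    0xFF, 0xD8, 0xFF, 0xE0, 0x00, 0x04, 0x4A, 0x46,
    0xFF, 0xC0, 0x00, 0x0B, 0x08, 0x00, 0x08, 0x00, 0x08, 0x01, 0x01, 0x11, 0x00,
    0xFF, 0xC0, 0x00, 0x0B, 0x08, 0x00, 0x08, 0x00, 0x08, 0x01, 0x01, 0x11, 0x00,
    0xFF, 0xDA, 0x00, 0x08, 0x01, 0x01, 0x00, 0x00, 0x3F, 0x00 };
```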
Source: This report was generated using AI