Vulnerability DatabaseCVE-2024-45781

CVE-2024-45781:
Rocky Linux vulnerability analysis and mitigation

Overview

A critical vulnerability (CVE-2024-45781) was discovered in GRUB2, affecting the UFS filesystem handling. The vulnerability was disclosed on February 18, 2025, and involves a failure to validate string length when reading symbolic link names from UFS filesystems. This flaw affects various Linux distributions including Debian and Red Hat systems (NVD, Red Hat CVE).

Technical details

The vulnerability is classified as a heap out-of-bounds write (CWE-787) with a CVSS v3.1 base score of 6.7 (Medium). The attack vector is local (AV:L) with low attack complexity (AC:L), requiring high privileges (PR:H) but no user interaction (UI:N). The scope is unchanged (S:U) with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) (NVD).

Impact

The vulnerability can lead to data integrity issues and potentially allow attackers to circumvent secure boot protections. This is particularly concerning as it affects the boot process security and could compromise system integrity (Debian Tracker).

Mitigation and workarounds

Fixed versions have been released in some distributions, such as Debian sid (version 2.12-7). Ubuntu has noted that their grub2 package does not affect Ubuntu's Secure Boot, though grub2-unsigned contains Secure Boot security fixes (Ubuntu Security, Debian Tracker).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a Wiz customer? See which CVEs are exploitable in your environment.

Get a CVE Assessment

6.7

Score

Published February 18, 2025

Severity MEDIUM

CNA Score 6.7

Affected Technologies

Rocky Linux
Alma Linux

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 21

Exploitation Probability (EPSS) 0.1

Affected packages and libraries

grub2-s390x-emu-debug
grub2-tools-extra

Sources

NVD
AlmaLinux Security Advisory
- AlmaLinux 9 Severity MEDIUMHas FixAdded at: Jul 04, 2025
CBL-Mariner
- CBL-Mariner 2.0 Severity MEDIUMHas FixAdded at: Oct 19, 2025
- CBL-Mariner 3.0 Severity MEDIUMHas FixAdded at: Oct 29, 2025
Debian Security Tracker
- Debian 11, 12 Severity MEDIUMNo FixAdded at: Feb 19, 2025
- Debian 13 Severity MEDIUMHas FixAdded at: Feb 19, 2025
- Debian 14 Severity MEDIUMHas FixAdded at: Aug 10, 2025
Echo
- Echo Severity MEDIUMHas FixAdded at: Nov 18, 2025
Photon Security Advisory
- Photon 4.0 Severity MEDIUMHas FixAdded at: Sep 03, 2025
- Photon 5.0 Severity MEDIUMHas FixAdded at: Mar 27, 2025
Red Hat Errata
- Red Hat 7, 8 Severity MEDIUMNo FixAdded at: Feb 19, 2025
- Red Hat 9 Severity MEDIUMHas FixAdded at: Feb 20, 2025
- Red Hat 10 Severity MEDIUMHas FixAdded at: May 23, 2025
Rocky Linux Product Errata
- Rocky 9 Severity MEDIUMHas FixAdded at: Dec 07, 2025
- Rocky 10 Severity MEDIUMHas FixAdded at: Oct 09, 2025
Seal Security
- Red Hat 7 Severity MEDIUMHas FixAdded at: Nov 18, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Rocky Linux vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13020	HIGH	8.8	NixOS	MozillaFirefox-branding-upstream	No	Yes	Nov 11, 2025
CVE-2025-59088	HIGH	8.6	Rocky Linux	python3-kdcproxy	No	Yes	Nov 12, 2025
CVE-2025-13019	HIGH	8.1	NixOS	firefox-x11	No	Yes	Nov 11, 2025
CVE-2025-59089	MEDIUM	5.9	Rocky Linux	idm:DL1::bind-dyndb-ldap	No	Yes	Nov 12, 2025
CVE-2025-40185	N/A	N/A	Linux Kernel	kernel-64k-debug-modules-partner	No	Yes	Nov 12, 2025