CVE-2025-61662

Summary

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.

Affected Software

VendorProductVersion RangeStatus
GNUgrub20 <= 2.14affected
Red HatRed Hat Enterprise Linux 101:2.12-29.el10_1.2 < *unaffected
Red HatRed Hat Enterprise Linux 10.0 Extended Update Support1:2.12-15.el10_0.2 < *unaffected
Red HatRed Hat Enterprise Linux 7 Extended Lifecycle Support1:2.02-0.87.el7_9.16 < *unaffected
Red HatRed Hat Enterprise Linux 81:2.02-170.el8_10.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.2 Advanced Update Support1:2.02-87.el8_2.14 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support1:2.02-99.el8_4.13 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On1:2.02-99.el8_4.13 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support1:2.02-123.el8_6.19 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service1:2.02-123.el8_6.19 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions1:2.02-123.el8_6.19 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service1:2.02-152.el8_8.3 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions1:2.02-152.el8_8.3 < *unaffected
Red HatRed Hat Enterprise Linux 91:2.06-114.el9_7.1 < *unaffected
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions1:2.06-27.el9_0.23 < *unaffected
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions1:2.06-61.el9_2.11 < *unaffected
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support1:2.06-86.el9_4.4 < *unaffected
Red HatRed Hat Enterprise Linux 9.6 Extended Update Support1:2.06-105.el9_6.1 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.12412.86.202604010116-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.13413.92.202604080111-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.14414.92.202605060243-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.15415.92.202605060220-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.16416.94.202604211449-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.17417.94.202605112123-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.18418.94.202603181125-0 < *unaffected
Red HatRed Hat OpenShift Container Platform 4.194.19.9.6.202604080618-0 < *unaffected

Weaknesses

Workarounds

There's no known mitigation available for this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References