Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE 15 SP7: 2025:01747-1 moderate: grub2 data exposure issue

suse
Calendar Grey May 29, 2025
Dist Suse Esm H88
SUSE has issued a crucial update for grub2 that resolves a moderate security vulnerability. It is important to learn the steps for quickly applying the necessary patches
* bsc#1237174 * bsc#1242971 Cross-References: * CVE-2025-4382

Summary

## This update for grub2 fixes the following issues: Security fixes: * CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM (bsc#1242971). Other bug fixes: * Fix incorrect nvme disks and boot order in bootlist output (bsc#1237174).

References

* bsc#1237174

* bsc#1242971

Cross-

* CVE-2025-4382

CVSS scores:

* CVE-2025-4382 ( SUSE ): 8.4

CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

* CVE-2025-4382 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2025-4382 ( NVD ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP7

* Server Applications Module 15-SP7

* SUSE Linux Enterprise Desktop 15 SP7

* SUSE Linux Enterprise Real Time 15 SP7

* SUSE Linux Enterprise Server 15 SP7

* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability and has one security fix can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2025-4382.html

* https://bugzilla.suse.com/show_bug.cgi?id=1237174

Announcement ID: SUSE-SU-2025:01747-1
Release Date: 2025-05-29T12:40:35Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here