
SUSE 15 SP6: 2025:0586-1 important: grub2 heap overflow issues

suse
February 19, 2025
Important grub2 update for SUSE resolves several security flaws and vulnerabilities across different platforms.

Summary

This update for grub2 fixes the following issues:

* CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)

* CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)

* CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)

* CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)

* CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)

* CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)

* CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)

* CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)

* CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)

* CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable modules. (bsc#1233606)

References

* bsc#1229163

* bsc#1229164

* bsc#1233606

* bsc#1233608

* bsc#1233609

* bsc#1233610

* bsc#1233612

* bsc#1233613

* bsc#1233614

* bsc#1233615

* bsc#1233616

* bsc#1233617

* bsc#1234958

* bsc#1236316

* bsc#1236317

* bsc#1237002

* bsc#1237006

* bsc#1237008

* bsc#1237009

* bsc#1237010

* bsc#1237011

* bsc#1237012

* bsc#1237013

* bsc#1237014

Cross-

* CVE-2024-45774

* CVE-2024-45775

* CVE-2024-45776

* CVE-2024-45777

* CVE-2024-45778

* CVE-2024-45779

* CVE-2024-45780

* CVE-2024-45781

* CVE-2024-45782

* CVE-2024-45783

* CVE-2024-49504

* CVE-2024-56737

* CVE-2025-0622

* CVE-2025-0624

* CVE-2025-0677

* CVE-2025-0678

* CVE-2025-0684

* CVE-2025-0685

* CVE-2025-0686

* CVE-2025-0689

* CVE-2025-0690

* CVE-2025-1118

* CVE-2025-1125

CVSS scores:

Severity
important

Announcement ID: SUSE-SU-2025:0586-1
Release Date: 2025-02-19T07:29:02Z
Rating: important
