
SUSE 12 SP5: 2025:0629-1 Important: Grub2 Fixes Against Buffer Overflow

February 21, 2025
SUSE has released an update for grub2 that fixes multiple vulnerabilities, including several buffer overflows, that could pose critical security threats.

Summary

This update for grub2 fixes the following issues:

* CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
* CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
* CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
* CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
* CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
* CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
* CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
* CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
* CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
* CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable modules. (bsc#1233606)

References

* bsc#1233606

* bsc#1233608

* bsc#1233609

* bsc#1233610

* bsc#1233612

* bsc#1233613

* bsc#1233614

* bsc#1233615

* bsc#1233616

* bsc#1233617

* bsc#1234958

* bsc#1236316

* bsc#1236317

* bsc#1237002

* bsc#1237006

* bsc#1237008

* bsc#1237009

* bsc#1237010

* bsc#1237011

* bsc#1237012

* bsc#1237013

* bsc#1237014

Cross-References

* CVE-2024-45774

* CVE-2024-45775

* CVE-2024-45776

* CVE-2024-45777

* CVE-2024-45778

* CVE-2024-45779

* CVE-2024-45780

* CVE-2024-45781

* CVE-2024-45782

* CVE-2024-45783

* CVE-2024-56737

* CVE-2025-0622

* CVE-2025-0624

* CVE-2025-0677

* CVE-2025-0678

* CVE-2025-0684

* CVE-2025-0685

* CVE-2025-0686

* CVE-2025-0689

* CVE-2025-0690

* CVE-2025-1118

* CVE-2025-1125

CVSS scores:

* CVE-2024-45774 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: important

Announcement ID: SUSE-SU-2025:0629-1
Release Date: 2025-02-21T12:55:16Z
Rating: important
