Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE Linux Micro 6.0: Grub2 Important Buffer Overflow Fix 2025:20511-1

suse
Calendar Grey August 4, 2025
Dist Suse Esm H88
Fedora announces critical patch for systemd tackling several vulnerabilities such as race conditions and possible breaches.
* bsc#1229163 * bsc#1229164 * bsc#1233606 * bsc#1233608 * bsc#1233609

Summary

## This update for grub2 fixes the following issues: * CVE-2025-4382: Fixed TPM auto-decryption data exposure (bsc#1242971) * Filter out the non-subvolume btrfs mount points when creating the relative path (bsc#1239674) * CVE-2024-45781: Fixed ufs strcpy overflow (bsc#1233617) * CVE-2024-56737: Fixed heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem (bsc#1234958) * CVE-2024-45782: Fixed hfs strcpy overflow (bsc#1233615) * CVE-2024-45780: Fixed overflow in tar/cpio(bsc#1233614) * CVE-2024-45783: Fixed hfsplus refcount overflow (bsc#1233616) * CVE-2025-0624: Fixed out-of-bounds write in grub_net_search_config_file() (bsc#1236316) * CVE-2024-45774: Fixed heap overflows in JPEG parser (bsc#1233609)

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow important SuSE Linux grub2

References

* bsc#1229163

* bsc#1229164

* bsc#1233606

* bsc#1233608

* bsc#1233609

* bsc#1233610

* bsc#1233612

* bsc#1233613

* bsc#1233614

* bsc#1233615

* bsc#1233616

* bsc#1233617

* bsc#1234958

* bsc#1236316

* bsc#1236317

* bsc#1237002

* bsc#1237006

* bsc#1237008

* bsc#1237009

* bsc#1237010

* bsc#1237011

* bsc#1237012

* bsc#1237013

* bsc#1237014

* bsc#1239674

* bsc#1242971

Cross-

* CVE-2024-45774

* CVE-2024-45775

* CVE-2024-45776

* CVE-2024-45777

* CVE-2024-45778

* CVE-2024-45779

* CVE-2024-45780

* CVE-2024-45781

* CVE-2024-45782

* CVE-2024-45783

* CVE-2024-49504

* CVE-2024-56737

* CVE-2025-0622

* CVE-2025-0624

* CVE-2025-0677

* CVE-2025-0678

* CVE-2025-0684

* CVE-2025-0685

* CVE-2025-0686

* CVE-2025-0689

* CVE-2025-0690

* CVE-2025-1118

* CVE-2025-1125

* CVE-2025-4382

CVSS scores:

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20511-1
Release Date: 2025-07-29T08:22:13Z
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow important SuSE Linux grub2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here