CVE-2025-0624

7.6 HIGH

Published: February 19, 2025 Modified: April 15, 2026

Description

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:2521

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2653

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2655

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2675

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2784

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2799

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2867

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:2869

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3297

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3301

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3367

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3396

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3573

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3577

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:3780

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:4422

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:7702

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2025-0624

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2346112

Source: secalert@redhat.com

https://security.netapp.com/advisory/ntap-20250516-0006/

Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.6 / 10.0

EPSS (Exploit Probability)

0.8%

74th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-787

Related CVEs

CVE-2026-6579 6.5

CVE-2026-6578 5.6

CVE-2026-6577 7.3

CVE-2026-6576 6.3

CVE-2026-6574 7.3