CVE-2024-45774

6.7 MEDIUM

📋 TL;DR

A buffer overflow vulnerability in GRUB2's JPEG parser allows specially crafted JPEG files to trigger an out-of-bounds write. This could potentially bypass secure boot protections by overwriting sensitive information. Systems using GRUB2 bootloader with JPEG support are affected.

💻 Affected Systems

Products:
  • grub2
Versions: All versions before the fix
Operating Systems: Linux distributions using GRUB2 (RHEL, Fedora, Ubuntu, Debian, etc.)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where GRUB2 loads JPEG images during boot (e.g., from theme files). Systems without JPEG support in GRUB2 are not vulnerable.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Secure boot bypass leading to persistent compromise, bootkit installation, or complete system takeover.

🟠

Likely Case

System crash, boot failure, or denial of service during boot process.

🟢

If Mitigated

Limited impact if secure boot is properly configured and validated, though boot process disruption remains possible.

🌐 Internet-Facing: LOW (requires local access or physical media to exploit during boot)
🏢 Internal Only: MEDIUM (requires local access but could be exploited by malicious insiders or via compromised boot media)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires physical access or ability to modify boot files. No public exploits available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor-specific updates (e.g., RHEL RHSA-2025:6990)

Vendor Advisory: https://access.redhat.com/errata/RHSA-2025:6990

Restart Required: Yes

Instructions:

  1. Update GRUB2 package via system package manager.
  2. Regenerate GRUB configuration.
  3. Reboot system to apply changes.

🔧 Temporary Workarounds

Disable JPEG support in GRUB2

linux

Remove JPEG image loading capability from GRUB2 configuration

Remove or comment out 'loadfont' and 'insmod jpeg' lines in GRUB configuration files

Remove JPEG theme files

linux

Delete JPEG images used in GRUB2 themes

rm -f /boot/grub2/themes/*.jpg
rm -f /boot/grub2/*.jpg

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized modification of boot files
  • Enable secure boot with proper validation and use trusted boot media only

🔍 How to Verify

Check if Vulnerable:

Check the GRUB2 version and whether the JPEG module is loaded:

grub2-mkconfig --version && grep -r 'jpeg' /etc/grub.d/

Check Version:

rpm -q grub2 (RHEL/Fedora) or dpkg -l grub2 (Debian/Ubuntu)

Verify Fix Applied:

Verify updated GRUB2 package version matches vendor advisory and test boot with JPEG theme files
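
A more thorough form of the check and workaround validation above, as an added example that is not part of the original advisory or of any vendor tooling: it ignores commented-out configuration lines and finds JPEG files by their magic bytes rather than by extension. The function names and the example paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: audit a GRUB2 installation for JPEG exposure.
# Usage: sh audit.sh BOOT_DIR CONFIG_PATH...
#   e.g. sh audit.sh /boot/grub2 /etc/default/grub /etc/grub.d /boot/grub2/grub.cfg
# The example paths are assumptions; adjust them to the distribution's layout.

# Print active (not commented-out) config lines that load the jpeg module
# or name a .jpg/.jpeg file, as "file:line:text".
jpeg_config_refs() {
    for path in "$@"; do
        [ -e "$path" ] || continue
        grep -rHnEi 'insmod[[:space:]]+jpeg|\.jpe?g' "$path" 2>/dev/null |
            grep -vE '^[^:]*:[0-9]+:[[:space:]]*#' || true
    done
}

# Print files under a directory that start with the JPEG magic bytes FF D8 FF,
# whatever their extension.
jpeg_files() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        magic=$(head -c 3 "$f" | od -An -tx1 | tr -d ' \n')
        if [ "$magic" = "ffd8ff" ]; then printf '%s\n' "$f"; fi
    done
}

# Report findings; return 0 when nothing JPEG-related is found, 1 otherwise.
audit_grub_jpeg() {
    boot_dir=$1
    shift
    refs=$(jpeg_config_refs "$@")
    files=$(jpeg_files "$boot_dir")
    if [ -z "$refs" ] && [ -z "$files" ]; then
        echo "OK: no jpeg module load, JPEG reference or JPEG file found"
        return 0
    fi
    if [ -n "$refs" ]; then printf '%s\n' "$refs" | sed 's/^/CONFIG: /'; fi
    if [ -n "$files" ]; then printf '%s\n' "$files" | sed 's/^/FILE: /'; fi
    return 1
}

# Run the audit only when paths are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_grub_jpeg "$@" || exit 1
fi
```

A non-zero exit status means at least one CONFIG or FILE finding was printed and the JPEG workaround is not fully in place.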

📡 Detection & Monitoring

Log Indicators:

  • GRUB boot failures
  • Kernel panic during boot
  • Secure boot validation errors

Network Indicators:

  • Not applicable - local exploit only

SIEM Query:

source="boot.log" AND ("GRUB error" OR "boot failure" OR "kernel panic")
