CVE-2024-45775
📋 TL;DR
This CVE describes a missing allocation-failure check in grub2's grub_extcmd_dispatcher() function. When memory allocation fails, a NULL pointer is passed to parse_option(), causing grub to crash or potentially corrupt IVT data. This affects systems using vulnerable grub2 versions during the boot process.
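An added illustration of the failure mode described above, written as a simplified C model rather than GRUB source code. Every function and type name in it is hypothetical, and the NULL check shows the general hardening pattern, not the upstream patch.

```c
#include <stddef.h>
#include <stdlib.h>

/* Simplified model, not GRUB source: all names below are hypothetical. */
enum { ERR_NONE = 0, ERR_OUT_OF_MEMORY = 1 };

struct arg_state { int set; const char *value; };

static int fail_next_alloc;   /* test hook: force the next allocation to fail */

static void *model_alloc(size_t n, size_t size) {
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; }
    return calloc(n, size);
}

/* Stand-in for the option parser: it writes through `state` unconditionally. */
static void model_parse_option(struct arg_state *state, const char *arg) {
    state[0].set = 1;         /* with state == NULL this is a write to address 0 */
    state[0].value = arg;
}

/* Unchecked pattern described in the TL;DR: allocation result used as-is. */
int dispatch_unchecked(int argc, const char **argv) {
    struct arg_state *state = model_alloc(4, sizeof *state);
    for (int i = 0; i < argc; i++)
        model_parse_option(state, argv[i]);   /* NULL dereference on failure */
    free(state);
    return ERR_NONE;
}

/* Hardened pattern: fail the command cleanly when the allocation fails. */
int dispatch_checked(int argc, const char **argv) {
    struct arg_state *state = model_alloc(4, sizeof *state);
    if (state == NULL)
        return ERR_OUT_OF_MEMORY;
    for (int i = 0; i < argc; i++)
        model_parse_option(state, argv[i]);
    free(state);
    return ERR_NONE;
}

/* Fault-injection check: error code returned when the allocation fails. */
int checked_result_under_alloc_failure(void) {
    const char *argv[] = { "--verbose" };     /* constructed sample argument */
    fail_next_alloc = 1;
    return dispatch_checked(1, argv);
}
```

In a hosted process the unchecked variant faults on the NULL write; in a pre-boot environment without memory protection the same write can land on whatever occupies address 0, which on BIOS systems is the real-mode interrupt vector table.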
💻 Affected Systems
- grub2
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Corruption of IVT (Interrupt Vector Table) data could lead to system instability, boot failures, or potential arbitrary code execution during the boot process.
Likely Case
GRUB crashes during boot, causing system boot failure requiring manual intervention or recovery media.
If Mitigated
Boot failure requiring physical access to recover system, but no remote exploitation.
🎯 Exploit Status
Exploitation requires physical access or compromise of boot chain; not remotely exploitable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Red Hat advisory RHSA-2025:6990 for specific patched versions.
Vendor Advisory: https://access.redhat.com/errata/RHSA-2025:6990
Restart Required: Yes
Instructions:
1. Update grub2 package using system package manager.
2. Update grub configuration: 'grub2-mkconfig -o /boot/grub2/grub.cfg'.
3. Reboot system to apply changes.
🔧 Temporary Workarounds
Memory pressure reduction
Linux: Reduce memory pressure during boot to minimize chance of allocation failure.
Remove unnecessary kernel modules from initrd
Reduce grub memory footprint by removing unused features
🧯 If You Can't Patch
- Ensure physical security of systems to prevent unauthorized boot access
- Implement secure boot with trusted certificates to prevent boot chain compromise
🔍 How to Verify
Check if Vulnerable:
Check grub2 package version against vendor advisories: 'rpm -q grub2' or 'dpkg -l | grep grub'
Check Version:
rpm -q grub2 --qf '%{version}-%{release}\n' (RHEL) or dpkg -l | grep '^ii.*grub' (Debian/Ubuntu)
Verify Fix Applied:
Verify grub2 package version matches patched version from vendor advisory.
📡 Detection & Monitoring
Log Indicators:
- System boot failures in kernel logs
- GRUB error messages during boot
- Unexpected system reboots
Network Indicators:
- None - vulnerability is local to boot process
SIEM Query:
source="kernel" AND ("GRUB" OR "boot failure" OR "panic")