SecuriTricks - CVE-2024-45782

Description

A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.

Product(s) Impacted

Vendor	Product	Versions
Gnu	Grub2	*
Redhat	Openshift Container Platform Enterprise Linux	4.0 7.0, 8.0, 9.0

Weaknesses

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	gnu	grub2	/	/	/	/	/	/	/	/
a	redhat	openshift_container_platform	4.0	/	/	/	/	/	/	/
o	redhat	enterprise_linux	7.0	/	/	/	/	/	/	/
o	redhat	enterprise_linux	8.0	/	/	/	/	/	/	/
o	redhat	enterprise_linux	9.0	/	/	/	/	/	/	/

References

https://access.redhat.com/security/cve/CVE-2024-45782

https://bugzilla.redhat.com/show_bug.cgi?id=2345858

CVSS Score

6.7 / 10

CVSS Data

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

View Vector String

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Date

Published: March 3, 2025, 5:15 p.m.
Last Modified: March 7, 2025, 8:42 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secalert@redhat.com

CVE-2024-45782