CVE-2024-45783

Feb. 18, 2025, 8:15 p.m.

4.4
Medium

Description

A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.

Product(s) Impacted

Product Versions
GRUB2

Weaknesses

CWE-911
Improper Update of Reference Count
The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.

References

https://access.redhat.com/security/cve/CVE-2024-45783
https://bugzilla.redhat.com/show_bug.cgi?id=2345863

Tags

secalert@redhat.com
CWE-911
2025-02-18
CVE-2024-45783

CVSS Score

4.4 / 10

CVSS Data

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: HIGH
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH
    • View Vector String

    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Date

  • Published: Feb. 18, 2025, 8:15 p.m.
  • Last Modified: Feb. 18, 2025, 8:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secalert@redhat.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.