{"id":"CLSA-2025-1742805183","summary":"grub2: Fix of 5 CVEs","details":"- CVE-2025-0624: net: Out-of-bounds write in grub_net_search_config_file()\n- CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write\n- CVE-2025-1118: commands/dump: The dump command is not in lockdown when\n  secure boot is enabled\n- CVE-2025-0678: squash4: Integer overflow may lead to heap based\n  out-of-bounds write when reading data\n- CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based\n  out-of-bounds write","modified":"2026-05-27T11:33:20.918869463Z","published":"2025-03-24T08:33:09Z","upstream":["CVE-2025-0624","CVE-2025-0678","CVE-2025-0690","CVE-2025-1118","CVE-2025-1125"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2025-1742805183.html"}],"affected":[{"package":{"name":"grub2-common","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-common?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-efi-aa64-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-efi-aa64-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-efi-x64","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-efi-x64?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-efi-x64-cdboot","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-efi-x64-cdboot?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-efi-x64-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-efi-x64-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-emu","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-emu?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-emu-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-emu-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-pc","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-pc?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-pc-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-pc-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-tools","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-tools?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-tools-efi","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-tools-efi?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-tools-extra","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-tools-extra?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}},{"package":{"name":"grub2-tools-minimal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/grub2-tools-minimal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.06-61.el9_2.1.alma.tuxcare.els8"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1742805183.json"}}],"schema_version":"1.7.5"}