CVE-2024-45779

Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser

Description

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow while the file is being read, leading to a heap out-of-bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.
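The bug class described above, as an added example rather than grub2's own code: an entry count taken from disk is checked against a buffer size, first with a 32-bit multiplication that can wrap and then with a division that cannot. The entry layout, function names and sizes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical on-disk extent entry; the layout is assumed, not taken from BFS. */
struct extent_entry {
    uint64_t start_block;
    uint16_t length;
    uint8_t  pad[6];
};
_Static_assert(sizeof(struct extent_entry) == 16, "example assumes 16-byte entries");

/* Unchecked pattern: the byte count is computed in 32 bits, so a huge
   on-disk count wraps to a small value and passes the comparison. */
static int count_fits_unchecked(uint32_t count, uint32_t buf_bytes)
{
    uint32_t need = count * (uint32_t) sizeof(struct extent_entry);
    return need <= buf_bytes;
}

/* Hardened pattern: bound the count by division, which cannot overflow. */
static int count_fits_checked(uint32_t count, size_t buf_bytes)
{
    return count <= buf_bytes / sizeof(struct extent_entry);
}

/* Sum the extent lengths; returns -1 instead of reading past the buffer. */
static int64_t total_blocks(const struct extent_entry *buf, size_t buf_bytes,
                            uint32_t count)
{
    if (!count_fits_checked(count, buf_bytes))
        return -1;
    int64_t total = 0;
    for (uint32_t i = 0; i < count; i++)
        total += buf[i].length;
    return total;
}

int main(void)
{
    /* Constructed sample: four entries in a 64-byte buffer. */
    struct extent_entry buf[4] = {{0, 1, {0}}, {0, 2, {0}}, {0, 3, {0}}, {0, 4, {0}}};
    uint32_t bad = 0x10000001u;   /* bad * 16 wraps to 16 in 32 bits */
    printf("unchecked accepts bad count: %d\n", count_fits_unchecked(bad, sizeof buf));
    printf("checked accepts bad count:   %d\n", count_fits_checked(bad, sizeof buf));
    printf("total for valid count 4:     %lld\n", (long long) total_blocks(buf, sizeof buf, 4));
    return 0;
}
```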

Remediation

Workaround:

  • Do not run grub2 in an untrusted environment, specifically with a BFS file system image.

Category

CVSS 3.1: 6.0
Severity: Medium
EPSS: 0.02%
Third-Party Advisory redhat.com
Affected: Red Hat Red Hat Enterprise Linux 10
Affected: Red Hat Red Hat Enterprise Linux 7
Affected: Red Hat Red Hat Enterprise Linux 8
Affected: Red Hat Red Hat Enterprise Linux 9
Affected: Red Hat Red Hat OpenShift Container Platform 4

References

Frequently Asked Questions

What is the severity of CVE-2024-45779?
CVE-2024-45779 has been scored as a medium severity vulnerability.
How to fix CVE-2024-45779?
As a workaround for remediating CVE-2024-45779: Do not run grub2 in an untrusted environment, specifically with a BFS file system image.
Is CVE-2024-45779 being actively exploited in the wild?
As of now, there is no information to confirm that CVE-2024-45779 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-45779?
CVE-2024-45779 affects Red Hat Red Hat Enterprise Linux 10, Red Hat Red Hat Enterprise Linux 7, Red Hat Red Hat Enterprise Linux 8, Red Hat Red Hat Enterprise Linux 9, Red Hat Red Hat OpenShift Container Platform 4.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.