icon

We found results for “

CVE-2024-2312

Good to know:

icon

Date: April 5, 2024

GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

icon

Upgrade Version

Upgrade to version 812bbe4c429b8ff7884be7a8d8429156f1019d28

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us