- Description
- The read command is used to read keyboard input from the user. While reading, it keeps the input length in a 32-bit integer value, which is then used to reallocate the line buffer to accept the next character. During this process, with a line big enough, it is possible to make this variable overflow, leading to an out-of-bounds write in the heap-based buffer. This flaw may be leveraged to corrupt GRUB's critical internal data, and a Secure Boot bypass is not ruled out as a consequence.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 5.9
- Exploitability score
- 0.2
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- secalert@redhat.com
- CWE-787
- Hype score
- Not currently trending
⚠️ A recently disclosed vulnerability in GRUB2's keyboard input handling (CVE-2025-0690) could allow arbitrary code execution or a bypass of Secure Boot protections. 🧉 https://t.co/TE3bnWdW5t
@MarquisioX
25 Feb 2025
GRUB2 Vulnerability (CVE-2025-0690) Could Bypass Secure Boot, Exposing Systems to Heap Memory Corruption https://t.co/DuyH9jWatK via @Fintter Security #GRUB2 #CVE20250690 #LinuxSecurity #SecureBoot #HeapCorruption #BootloaderVulnerability #RedHat #TrendingNow
@FintterTvi
25 Feb 2025
🚨 CVE-2025-0690 🟠 MEDIUM (6.1) 🏢 Red Hat - Red Hat Enterprise Linux 7 🏗️ None 🔗 https://t.co/qIzffsrrfg 🔗 https://t.co/LmRw45yHiD #CyberCron #VulnAlert https://t.co/IM0ieAsghq
@cybercronai
24 Feb 2025
CVE-2025-0690 Buffer Overflow Vulnerability in Linux Grub Read Command Enabling Potenti... https://t.co/Awm3buMpXh Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
24 Feb 2025
RedHat Out-of-bounds Write vulnerability (CVE-2025-0690) #CVE20250690 #CyberSecurity #OutofBoundsWriteVulnerability #RedHat https://t.co/WzeWSgpOPO https://t.co/Y9ptuSCBoc
@SystemTek_UK
24 Feb 2025
CVE-2025-0690 The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate t… https://t.co/h8cfh13Eyj
@CVEnew
24 Feb 2025