CVE-2025-61662

HIGH

GRUB2 < 2.14 - Use-After-Free in gettext Module

Title source: llm
STIX 2.1

Description

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.

References (25)

Core 25
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4652
https://access.redhat.com/errata/RHSA-2026:4652
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4653
https://access.redhat.com/errata/RHSA-2026:4653
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:10097
https://access.redhat.com/errata/RHSA-2026:10097
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4822
https://access.redhat.com/errata/RHSA-2026:4822
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4823
https://access.redhat.com/errata/RHSA-2026:4823
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4830
https://access.redhat.com/errata/RHSA-2026:4830
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4900
https://access.redhat.com/errata/RHSA-2026:4900
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4998
https://access.redhat.com/errata/RHSA-2026:4998
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:5074
https://access.redhat.com/errata/RHSA-2026:5074
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:5127
https://access.redhat.com/errata/RHSA-2026:5127
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:5233
https://access.redhat.com/errata/RHSA-2026:5233
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:7239
https://access.redhat.com/errata/RHSA-2026:7239
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:7243
https://access.redhat.com/errata/RHSA-2026:7243
Third Party Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-61662
Issue Tracking, Third Party Advisory issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2414683
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:14773
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:15087
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4648
https://access.redhat.com/errata/RHSA-2026:4648
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4649
https://access.redhat.com/errata/RHSA-2026:4649
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4654
https://access.redhat.com/errata/RHSA-2026:4654
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:4760
https://access.redhat.com/errata/RHSA-2026:4760
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:6492
https://access.redhat.com/errata/RHSA-2026:6492
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:17596
https://access.redhat.com/errata/RHSA-2026:17596

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 4.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-416
Status published
Products (31)
gnu/grub2 < 2.14
GNU/grub2 < 2.14
Red Hat/Red Hat Enterprise Linux 10 1:2.12-29.el10_1.2
Red Hat/Red Hat Enterprise Linux 10.0 Extended Update Support 1:2.12-15.el10_0.2
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support 1:2.02-0.87.el7_9.16
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 8 1:2.02-170.el8_10.1
Red Hat/Red Hat Enterprise Linux 8.2 Advanced Update Support 1:2.02-87.el8_2.14
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 1:2.02-99.el8_4.13
... and 21 more
Published Nov 18, 2025
Tracked Since Feb 18, 2026