{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-06T23:25:22.012","vulnerabilities":[{"cve":{"id":"CVE-2024-45779","sourceIdentifier":"secalert@redhat.com","published":"2025-03-03T15:15:14.660","lastModified":"2025-03-25T05:15:39.697","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash."},{"lang":"es","value":"Se encontró una falla de desbordamiento de enteros en el controlador del sistema de archivos BFS en grub2. Al leer un archivo con un mapa de extensión indirecto, grub2 no puede validar la cantidad de entradas de extensión que se leerán. Un sistema de archivos BFS manipulado o dañado puede causar un desbordamiento de enteros durante la lectura del archivo, lo que genera una gran cantidad de lecturas de los límites. Como consecuencia, se pueden filtrar datos confidenciales o grub2 puede fallar."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*","versionEndIncluding":"2.12","matchCriteriaId":"6ECC2401-511C-4A2E-878F-C7053FA3ABB1"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2024-45779","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345854","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","source":"secalert@redhat.com","tags":["Mailing List"]}]}}]}