GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 26 Aug 2025 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Gnu
Gnu grub2
Netapp
Netapp bootstrap Os
Netapp hci Compute Node
CPEs cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
Vendors & Products Gnu
Gnu grub2
Netapp
Netapp bootstrap Os
Netapp hci Compute Node

cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2025-02-13T17:33:46.314Z

Reserved: 2024-03-07T23:53:27.661Z

Link: CVE-2024-2312

cve-icon Vulnrichment

Updated: 2024-08-01T19:11:52.852Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-05T20:15:09.020

Modified: 2025-08-26T17:17:34.323

Link: CVE-2024-2312

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-04-05T00:00:00Z

Links: CVE-2024-2312 - Bugzilla

cve-icon OpenCVE Enrichment

No data.