How severe is CVE-2024-45780?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2024-45780?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2024-45780 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.

Related Vulnerabilities

CVE-2017-17176

MEDIUM

CVSS:6.7(Medium)

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00B...

CWE-7872017

CVE-2017-18551

MEDIUM

CVSS:6.7(Medium)

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

CWE-7872017

CVE-2017-18846

MEDIUM

CVSS:6.7(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow. This affects R6250 before 1.0.4.12, R6400v2 before 1.0.2.32, R7000P/R6900P before 1.0.0.56, R7900 before 1.0.1.18, R8300 before 1...

CWE-7872017

CVE-2018-3632

MEDIUM

CVSS:6.7(Medium)

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be trig...

CWE-7872018

CVE-2018-9368

MEDIUM

CVSS:6.7(Medium)

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system executi...

CWE-7872018

CVE-2018-9386

MEDIUM

CVSS:6.7(Medium)

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution priv...

CWE-7872018