Description

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.

INFO

Published Date :

2025-11-18T18:20:48.351Z

Last Modified :

2026-04-16T13:52:15.542Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-61662 vulnerability.

Vendors Products
Gnu
  • Grub2
Redhat
  • Enterprise Linux
  • Enterprise Linux Eus
  • Openshift
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Eus Long Life
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61662.

URL Resource
http://www.openwall.com/lists/oss-security/2025/11/18/5 cve-icon
https://access.redhat.com/errata/RHSA-2026:4648 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4649 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4652 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4653 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4654 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4760 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4822 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4823 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4830 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4900 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:4998 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:5074 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:5127 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:5233 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:6492 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:7239 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:7243 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-61662 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2414683 cve-icon cve-icon
https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-61662 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-61662 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact