CVE-2025-0622

MEDIUM 6.4

Grub2: command/gpg: use-after-free due to hooks not being removed on module unload

CVSS Score

6.4

EPSS Score

0.1%

EPSS Percentile

25th

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.

CWE	CWE-416
Published	Feb 18, 2025
Last Updated	Mar 24, 2026

Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new medium vulnerabilities are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Red Hat / Red Hat Enterprise Linux 10

All versions affected

Red Hat / Red Hat Enterprise Linux 9

All versions affected

Red Hat / Red Hat Enterprise Linux 7

All versions affected

Red Hat / Red Hat Enterprise Linux 8

All versions affected

Red Hat / Red Hat OpenShift Container Platform 4

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

access.redhat.com: https://access.redhat.com/errata/RHSA-2025:16154 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:6990 access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-0622 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2345865 lists.gnu.org: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html