CVE-2025-61662
Grub2: missing unregister call for gettext command may lead to use-after-free
| CVSS Score | 7.8 |
| EPSS Score | 0.0% |
| EPSS Percentile | 2nd |
A use-after-free vulnerability has been discovered in GRUB's gettext module. The flaw stems from a programming error: the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, which causes GRUB to access a memory location that is no longer valid. This can crash GRUB, leading to a denial of service. A compromise of data integrity or confidentiality cannot be ruled out.
| Vendor | gnu |
| Product | grub2 |
| Published | Nov 18, 2025 |
| Last Updated | Apr 16, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Affected Versions
| GNU / grub2 | 0 ≤ 2.14 |
| Red Hat / Red Hat Enterprise Linux 10 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4.12 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4.13 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4.18 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4.19 | All versions affected |
References
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4648
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4649
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4652
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4653
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4654
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4760
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4822
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4823
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4830
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4900
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4998
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:5074
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:5127
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:5233
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:6492
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:7239
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:7243
access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-61662
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2414683
lists.gnu.org: https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html
openwall.com: http://www.openwall.com/lists/oss-security/2025/11/18/5