SUSE update for grub2
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-56738 |
| CWE-ID | CWE-203 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Micro Operating systems & Components / Operating system grub2-s390x-emu Operating systems & Components / Operating system package or component grub2-arm64-efi Operating systems & Components / Operating system package or component grub2-x86_64-xen Operating systems & Components / Operating system package or component grub2-i386-pc Operating systems & Components / Operating system package or component grub2-x86_64-efi Operating systems & Components / Operating system package or component grub2-snapper-plugin Operating systems & Components / Operating system package or component grub2-debuginfo Operating systems & Components / Operating system package or component grub2-debugsource Operating systems & Components / Operating system package or component grub2 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Observable discrepancy
EUVDB-ID: #VU112027
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56738
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to software does not use a constant-time algorithm for grub_crypto_memcmp. An attacker with physical access to the system can perform side-channel attacks to bypass implemented security restrictions and escalate privileges on the system.
MitigationUpdate the affected package grub2 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.1
grub2-s390x-emu: before 2.04-150300.3.14.2
grub2-arm64-efi: before 2.04-150300.3.14.2
grub2-x86_64-xen: before 2.04-150300.3.14.2
grub2-i386-pc: before 2.04-150300.3.14.2
grub2-x86_64-efi: before 2.04-150300.3.14.2
grub2-snapper-plugin: before 2.04-150300.3.14.2
grub2-debuginfo: before 2.04-150300.3.14.2
grub2-debugsource: before 2.04-150300.3.14.2
grub2: before 2.04-150300.3.14.2
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:grub2-s390x-emu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-arm64-efi:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-x86_64-xen:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-i386-pc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-x86_64-efi:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-snapper-plugin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-202502724-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
