SUSE update for Recommended update for grub2
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-56738 |
| CWE-ID | CWE-203 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Server Applications Module Operating systems & Components / Operating system Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system grub2-x86_64-xen Operating systems & Components / Operating system package or component grub2-s390x-emu Operating systems & Components / Operating system package or component grub2-debugsource Operating systems & Components / Operating system package or component grub2-systemd-sleep-plugin Operating systems & Components / Operating system package or component grub2-arm64-efi Operating systems & Components / Operating system package or component grub2-powerpc-ieee1275 Operating systems & Components / Operating system package or component grub2-snapper-plugin Operating systems & Components / Operating system package or component grub2-x86_64-efi Operating systems & Components / Operating system package or component grub2-i386-pc Operating systems & Components / Operating system package or component grub2-debuginfo Operating systems & Components / Operating system package or component grub2 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Observable discrepancy
EUVDB-ID: #VU112027
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56738
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to software does not use a constant-time algorithm for grub_crypto_memcmp. An attacker with physical access to the system can perform side-channel attacks to bypass implemented security restrictions and escalate privileges on the system.
MitigationUpdate the affected package Recommended update for grub2 to the latest version.
Vulnerable software versionsServer Applications Module: 15-SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
grub2-x86_64-xen: before 2.12-150700.19.13.2
grub2-s390x-emu: before 2.12-150700.19.13.2
grub2-debugsource: before 2.12-150700.19.13.2
grub2-systemd-sleep-plugin: before 2.12-150700.19.13.2
grub2-arm64-efi: before 2.12-150700.19.13.2
grub2-powerpc-ieee1275: before 2.12-150700.19.13.2
grub2-snapper-plugin: before 2.12-150700.19.13.2
grub2-x86_64-efi: before 2.12-150700.19.13.2
grub2-i386-pc: before 2.12-150700.19.13.2
grub2-debuginfo: before 2.12-150700.19.13.2
grub2: before 2.12-150700.19.13.2
CPE2.3- cpe:2.3:o:suse:server_applications_module:15-SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:basesystem_module:15-SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:a:suse:grub2-x86_64-xen:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-s390x-emu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-systemd-sleep-plugin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-arm64-efi:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-powerpc-ieee1275:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-snapper-plugin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-x86_64-efi:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-i386-pc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:grub2:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-202502813-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
