Main Vulnerability Database Vulnerabilities #VU118667

#VU118667 Use-after-free in grub - CVE-2025-61663

Published: November 21, 2025

Vulnerability identifier: #VU118667

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-61663

CWE-ID: CWE-416

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
grub

Software vendor:
GNU

Description

The vulnerability allows an attacker to perform a denial of service attack.

The vulnerability exists due to the normal command is not properly unregistered when the module is unloaded. An attacker with physical access to the system can perform a denial of service attack.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=2414684

#VU118667 Use-after-free in grub - CVE-2025-61663

Description

Remediation

External links

Please verify you're human