CVE-2020-25632 vulnerability in Fedora Project and Other Products
Published on March 3, 2021

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Vendor Advisory Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2020-25632 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2020-25632

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-25632 are published in these products:

Fedora Project Fedora

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Eus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Workstation

GNU Grub2

Canonical Ubuntu Linux

NetApp Ontap Select Deploy Administration Utility

Exploit Probability

EPSS

0.02%

Percentile

3.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-25632 vulnerability in Fedora Project and Other ProductsPublished on March 3, 2021

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2020-25632

Exploit Probability

CVE-2020-25632 vulnerability in Fedora Project and Other Products
Published on March 3, 2021