Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.28 bug fix and security update
Details
CVSS v3
7.8
NVD published
2025-11-18 19:15:50
EPSS
<0.1% probability · 1.7th percentile — 2026-04-17
Affected versions
cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*
Summary
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.