VDB
DEBIAN-CVE-2020-25632
DEBIAN-CVE-2020-25632
PUBLISHED
CVSS 8.199999809265137 HIGH
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Risk Scores
CVSS 3.1
8.199999809265137
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | grub2 | 0, 0, 0 |
| Debian:14 | grub2 | 0, 0, 0 |
| Debian:12 | grub2 | 0, 0, 0 |
| Debian:11 | grub2 | 0, 0, 0 |
Exploit Intelligence
Timeline
- Mar 3, 2021 CVE Published
- Apr 28, 2026 CVE Updated