Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-9gmj-v2m8-qffv

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE
View on GitHub

Advisory Details

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

Related CVEs

CVE-2024-56738

Key Information

GHSA ID
GHSA-9gmj-v2m8-qffv
Published
December 29, 2024 9:30 AM
Last Modified
December 31, 2024 9:30 PM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 9, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.