Wind River Support Network

HomeDefectsLIN1025-418
Fixed

LIN1025-418 : Security Advisory - grub - CVE-2024-56738

Created: Apr 27, 2025    Updated: Nov 19, 2025
Resolved Date: Nov 9, 2025
Found In Version: 10.25.33.1
Fix Version: 10.25.33.3
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Userspace

Description

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

CREATE(Triage):(User=admin) CVE-2024-56738 (https://nvd.nist.gov/vuln/detail/CVE-2024-56738)

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube