ByteOS Network

NVD Vulnerability Details :

CVE-2025-0622

Awaiting Analysis

Source-secalert@redhat.com

Published At-18 Feb, 2025 | 20:15

Updated At-18 Sep, 2025 | 09:15

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	6.4	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 6.4

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-416	Secondary	secalert@redhat.com

CWE ID: CWE-416

Type: Secondary

Source: secalert@redhat.com

References

Hyperlink	Source	Resource
https://access.redhat.com/errata/RHSA-2025:16154	secalert@redhat.com	N/A
https://access.redhat.com/errata/RHSA-2025:6990	secalert@redhat.com	N/A
https://access.redhat.com/security/cve/CVE-2025-0622	secalert@redhat.com	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2345865	secalert@redhat.com	N/A