ByteOS Network

NVD Vulnerability Details :

CVE-2025-54770

Awaiting Analysis

Source-secalert@redhat.com

Published At-18 Nov, 2025 | 19:15

Updated At-19 Nov, 2025 | 19:14

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the net_set_vlan command is not properly unregistered when the network module is unloaded from memory. An attacker who can execute this command can force the system to access memory locations that are no longer valid. Successful exploitation leads directly to system instability, which can result in a complete crash and halt system availability

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.9	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Type: Secondary

Version: 3.1

Base score: 4.9

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Weaknesses

CWE ID	Type	Source
CWE-825	Secondary	secalert@redhat.com

CWE ID: CWE-825

Type: Secondary

Source: secalert@redhat.com

References

Hyperlink	Source	Resource
https://access.redhat.com/security/cve/CVE-2025-54770	secalert@redhat.com	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2413813	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2025/11/18/4	af854a3a-2127-422b-91ae-364da2661108	N/A