CVE-2024-45775 is a vulnerability identified in the grub2 bootloader, specifically within the grub_extcmd_dispatcher() function. The flaw arises because grub_extcmd_dispatcher() calls grub_arg_list_alloc() to allocate memory for grub's argument list but does not verify whether this memory allocation was successful. If grub_arg_list_alloc() returns NULL due to allocation failure, the NULL pointer is subsequently passed to the parse_option() function. This leads to a NULL pointer dereference, causing grub to crash. In rare scenarios, this can also result in corruption of the Interrupt Vector Table (IVT) data, which is critical for system interrupt handling. The vulnerability has a CVSS 3.1 base score of 5.2, indicating medium severity. The attack vector is local (AV:L), attack complexity is high (AC:H), privileges required are high (PR:H), and no user interaction is needed (UI:N). The scope is unchanged (S:U), with low confidentiality and integrity impacts but high availability impact due to potential system crashes. No known exploits are currently reported in the wild. The flaw is rooted in improper error handling of memory allocation failures, a common programming oversight that can lead to system instability or denial of service. Since grub2 is a widely used bootloader in Linux-based systems, this vulnerability could affect a broad range of devices and servers that rely on grub2 for boot management.

The primary impact of CVE-2024-45775 is on system availability and stability. A successful exploitation causes grub2 to crash during the boot process or when executing certain commands, potentially leading to denial of service conditions. In rare cases, corruption of the Interrupt Vector Table (IVT) could affect system integrity, possibly causing unpredictable system behavior or failures in interrupt handling. For European organizations, especially those operating critical infrastructure, data centers, or cloud services running Linux servers with grub2, this vulnerability could result in unexpected downtime, impacting business continuity and service availability. The requirement for local high privileges limits remote exploitation but insider threats or attackers with elevated access could leverage this flaw to disrupt operations. Additionally, organizations with strict uptime requirements or those running embedded Linux systems that use grub2 could face operational risks. Although confidentiality impact is low, the availability and integrity concerns warrant attention to prevent potential service interruptions.

To mitigate CVE-2024-45775, organizations should monitor for and apply security patches or updates to grub2 as soon as they become available from trusted Linux distribution vendors or upstream maintainers. Until patches are deployed, system administrators should restrict local access to trusted users only, minimizing the risk of exploitation by limiting high-privilege local access. Implementing robust monitoring for unusual system crashes or boot failures can help detect potential exploitation attempts early. Additionally, reviewing and hardening bootloader configurations to reduce unnecessary command execution or argument parsing may reduce exposure. For environments with embedded or custom grub2 builds, developers should audit the code to ensure proper error handling for memory allocation failures and consider backporting fixes. Regular backups and tested recovery procedures will help mitigate the impact of potential system crashes or data corruption. Finally, organizations should incorporate this vulnerability into their risk management and incident response plans to prepare for potential exploitation scenarios.