CVE-2024-45778: Integer Overflow or Wraparound
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
AI Analysis
Technical Summary
CVE-2024-45778 is a vulnerability identified in grub2, the widely used bootloader, involving a stack overflow triggered by reading a BFS (Be File System) filesystem. The root cause is an integer overflow or wraparound during the parsing of BFS filesystem data, which leads to an uncontrolled loop condition. This loop causes grub2 to crash, resulting in a denial of service (DoS) condition during system boot. The vulnerability requires local access with high privileges (PR:H) to exploit, no user interaction (UI:N) is needed, and the attack vector is local (AV:L). The flaw does not compromise confidentiality or integrity but impacts availability by preventing successful booting of the system. The BFS filesystem is relatively uncommon compared to other filesystems, limiting the attack surface. No known exploits have been reported in the wild, and no patches or fixes have been linked yet. The vulnerability was reserved in September 2024 and published in March 2025. The CVSS 3.1 base score is 4.1, indicating medium severity due to the limited scope and complexity of exploitation. This vulnerability is primarily a denial of service risk affecting systems that use grub2 and may mount or read BFS filesystems during boot.
Potential Impact
The primary impact of CVE-2024-45778 is denial of service by causing grub2 to crash during boot when processing a crafted BFS filesystem. This can render affected systems unbootable until recovery measures are taken, potentially causing downtime and operational disruption. Since grub2 is a critical component in the boot process of many Linux distributions, affected systems could be temporarily inaccessible, impacting availability. However, the vulnerability does not allow for privilege escalation, data leakage, or code execution, limiting its impact to availability only. Organizations using BFS filesystems or handling BFS images in environments where grub2 is deployed are at risk. The requirement for local high privileges to exploit reduces the likelihood of remote attacks but raises concerns for insider threats or compromised local users. The lack of known exploits in the wild suggests limited active targeting currently, but the potential for disruption in sensitive or production environments remains significant.
Mitigation Recommendations
To mitigate CVE-2024-45778, organizations should:
1) Monitor for official patches or updates from grub2 maintainers and apply them promptly once available.
2) Restrict local access to systems running grub2 to trusted users only, minimizing the risk of exploitation by malicious insiders.
3) Avoid mounting or using BFS filesystems in environments where grub2 is critical, or disable BFS filesystem support in grub2 if possible.
4) Implement bootloader integrity verification and recovery mechanisms to quickly restore systems in case of boot failures.
5) Employ system hardening and access controls to prevent unauthorized local privilege escalation that could enable exploitation.
6) Maintain regular backups and recovery plans to reduce downtime if a denial of service occurs.
7) Monitor system logs and boot processes for anomalies indicating attempts to exploit this vulnerability.
These steps go beyond generic advice by focusing on filesystem usage, access restrictions, and recovery preparedness specific to this vulnerability.
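One way to check whether BFS support is present on a host before deciding to disable it, as an added example that is not part of the original page or GRUB's own tooling. It inventories a GRUB directory for a loadable `bfs.mod` and for `insmod bfs` lines in configuration files. The function names, the directory layout and the sample tree are assumptions; a BFS driver built into the GRUB core image is not detected by this check.

```shell
#!/bin/sh
# Added example: inventory a GRUB directory for BFS filesystem support.
# Assumption: loadable modules are stored as <name>.mod below the directory
# (for example /boot/grub or /boot/grub2) and configuration files end in .cfg.

# audit_grub_bfs DIR
# Prints one finding per line. Returns 0 when nothing is found,
# 1 when a BFS module or an explicit load of it is present, 2 on a bad argument.
audit_grub_bfs() {
    dir=$1
    [ -d "$dir" ] || { echo "error: not a directory: $dir" >&2; return 2; }
    found=0

    # Loadable driver: bfs.mod in any platform subdirectory.
    mods=$(find "$dir" -type f -name 'bfs.mod' 2>/dev/null) || true
    if [ -n "$mods" ]; then
        echo "$mods" | sed 's/^/module: /'
        found=1
    fi

    # Config lines that load the driver explicitly; commented lines are ignored.
    hits=$(find "$dir" -type f -name '*.cfg' -exec \
        grep -HnE '^[[:space:]]*insmod[[:space:]]+bfs([[:space:]]|$)' {} + \
        2>/dev/null) || true
    if [ -n "$hits" ]; then
        echo "$hits" | sed 's/^/config: /'
        found=1
    fi
    return "$found"
}

# Constructed sample tree (not a real boot partition) for a dry run.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/x86_64-efi"
    : > "$t/x86_64-efi/bfs.mod"
    : > "$t/x86_64-efi/ext2.mod"
    printf '%s\n' '# insmod bfs' 'insmod ext2' '  insmod bfs' > "$t/grub.cfg"
    echo "$t"
}

# Run against a real directory when one is given on the command line.
if [ "$#" -gt 0 ]; then audit_grub_bfs "$1"; fi
```

A non-zero result from a production host is an inventory finding, not evidence of compromise: it shows where the BFS driver can still be loaded.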
Affected Countries
United States, Germany, China, India, United Kingdom, France, Japan, South Korea, Canada, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: redhat
- Date Reserved: 2024-09-08T01:57:12.948Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6916966eb9f11918f9c6af18
Added to database: 11/14/2025, 2:39:42 AM
Last enriched: 3/25/2026, 12:05:06 AM
Last updated: 5/9/2026, 10:59:51 PM