CVE-2025-4002 | RefindPlusRepo RefindPlus 0.14.2.AB BootLog.c GetDebugLogFile null pointer dereference (Issue 204)

A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference.

This vulnerability is handled as CVE-2025-4002. Attacking locally is a requirement. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More