CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
References
Link Resource
https://seclists.org/oss-sec/2019/q4/101 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865 Issue Tracking Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0335 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:gnu:grub2:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*

Information

Published : 2019-11-29 10:15

Updated : 2021-05-17 14:36


NVD link : CVE-2019-14865

Mitre link : CVE-2019-14865


JSON object : View

Products Affected

redhat

  • enterprise_linux
  • enterprise_linux_eus

gnu

  • grub2