Vulnerability Details CVE-2019-14865
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.5%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.9
References
- http://www.openwall.com/lists/oss-security/2024/02/06/3
- https://access.redhat.com/errata/RHSA-2020:0335
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865
- https://seclists.org/oss-sec/2019/q4/101
- http://www.openwall.com/lists/oss-security/2024/02/06/3
- https://access.redhat.com/errata/RHSA-2020:0335
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865
- https://seclists.org/oss-sec/2019/q4/101
Products affected by CVE-2019-14865
-
cpe:2.3:a:gnu:grub2:-
-
cpe:2.3:o:redhat:enterprise_linux:8.0
-
cpe:2.3:o:redhat:enterprise_linux_eus:8.1
-
cpe:2.3:o:redhat:enterprise_linux_eus:8.2
-
cpe:2.3:o:redhat:enterprise_linux_eus:8.4
-
cpe:2.3:o:redhat:enterprise_linux_eus:8.6
-
cpe:2.3:o:redhat:enterprise_linux_eus:8.8
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8