PT-2019-5305 · Gnu+2 · Grub2+2

Tavis Ormandy

Publicado

2019-11-29

Atualizado

2025-04-29

CVE-2019-14865

CVSS v3.1

5.9

Média

Vetor

AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions grub2 (affected versions not specified)

Description A flaw was found in the grub2-set-bootflag utility of grub2, related to insecure privilege management. This issue can be exploited by a local attacker running the utility under resource pressure, for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269CWE-267

Identificadores relacionados

BDU:2020-02252

CESA-2020_0335

CVE-2019-14865

RHSA-2020:0335

RHSA-2020_0335

Produtos afetados

Centos

Red Hat

Grub2

PT-2019-5305 · Gnu+2 · Grub2+2

CVE-2019-14865

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19