Описание
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
Отчет
grub-set-bootflag is a command line to set bootflags in GRUB's stored environment. This is a downstream utility which is shipped with Red Hat Enterprise Linux 8 and Fedora. A flaw was found in this application which would could allow a local attacker (someone having a local account on the system) to cause grub configuration files to be truncated. Whenever the machine was rebooted, grub would fail to read the configuration files and the system would be rendered unbootable.
Меры по смягчению последствий
Remove the "grub-set-bootflag" from the system, by manually the deleting the binary file. Note: On subsequent updates of the "grub2-tools-minimal" rpm, the file will be re-installed.
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
A flaw was found in the grub2-set-bootflag utility of grub2. A local a ...
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
EPSS
5.9 Medium
CVSS3