CVE-2019-14865

medium

Description

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

References

https://seclists.org/oss-sec/2019/q4/101

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865

https://access.redhat.com/errata/RHSA-2020:0335

Details

Source: MITRE

Published: 2019-11-29

Updated: 2023-02-12

Type: CWE-267

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM