CVE-2019-14865

medium

Description

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

References

Advisories

https://seclists.org/oss-sec/2019/q4/101

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865

https://access.redhat.com/errata/RHSA-2020:0335

http://www.openwall.com/lists/oss-security/2024/02/06/3

Details

Source: Mitre, NVD

Published: 2019-11-29

Updated: 2025-04-29

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00039