Published: 29/11/2019 Updated: 06/02/2024

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu grub2 -

Synopsis Moderate: grub2 security update Type/Severity Security Advisory: Moderate Topic An update for grub2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which ...

Tool to examine the behaviour of setuid binaries under constrained limits.

scanlimits A tool to examine the behaviour of setuid binaries when constrained If you set resource limits using setrlimit(), prlimit() or the ulimit shell builtin, then those limits apply even across a setuid execve() To put it another way, any limits you apply to your current shell also apply to any setuid executables you run Some developers find this surprising, and it c

CWE-267 https://seclists.org/oss-sec/2019/q4/101 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865 https://access.redhat.com/errata/RHSA-2020:0335 http://www.openwall.com/lists/oss-security/2024/02/06/3 https://access.redhat.com/errata/RHSA-2020:0335 https://nvd.nist.gov https://github.com/taviso/scanlimits

CVE-2019-14865

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect