A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
2019-11-29T10:15:12.830
2025-04-29T20:39:59.300
Analyzed
CVSSv3.1: 5.9 (MEDIUM)
AV:L/AC:L/Au:N/C:N/I:N/A:C
3.9
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gnu | grub2 | - | Yes |
| Operating System | redhat | enterprise_linux | 8.0 | No |
| Operating System | redhat | enterprise_linux_eus | 8.1 | No |
| Operating System | redhat | enterprise_linux_eus | 8.2 | No |
| Operating System | redhat | enterprise_linux_eus | 8.4 | No |
| Operating System | redhat | enterprise_linux_eus | 8.6 | No |
| Operating System | redhat | enterprise_linux_eus | 8.8 | No |
| Operating System | redhat | enterprise_linux_server_aus | 8.2 | No |
| Operating System | redhat | enterprise_linux_server_aus | 8.4 | No |
| Operating System | redhat | enterprise_linux_server_aus | 8.6 | No |
| Operating System | redhat | enterprise_linux_server_tus | 8.2 | No |
| Operating System | redhat | enterprise_linux_server_tus | 8.4 | No |
| Operating System | redhat | enterprise_linux_server_tus | 8.6 | No |
| Operating System | redhat | enterprise_linux_server_tus | 8.8 | No |