CVE-2019-14865

EPSS 0.04%
Veröffentlicht 29.11.2019 10:15:12
Zuletzt bearbeitet 29.04.2025 20:39:59
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnu ≫ Grub2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	1.5	4	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C
secalert@redhat.com	5.9	1.5	4	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

CWE-267 Privilege Defined With Unsafe Actions

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

http://www.openwall.com/lists/oss-security/2024/02/06/3

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0335

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865

Third Party Advisory

Issue Tracking

https://seclists.org/oss-sec/2019/q4/101

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2019-14865

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-14865

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-14865

EUVD