Endpoint Vulnerability

CVE-2019-14865grub2: grub2-set-bootflag utility causes grubenv corruption rendering the system non-bootable

Description

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

Affected Products

grub2

References

CVE-2019-14865,