#VU87164 Resource management error in grub2


Vulnerability identifier: #VU87164

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1048

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
grub2
Operating systems & Components / Operating system package or component

Vendor:

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in the grub2-set-bootflag utility of grub2. The grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://bugzilla.redhat.com/show_bug.cgi?id=2256827

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for grub2
Multiple vulnerabilities in Juniper Secure Analytics (JSA)
Multiple vulnerabilities in IBM Qradar SIEM
Multiple vulnerabilities in OpenShift Service Mesh 2.5
Red Hat Enterprise Linux 8 update for grub2
Red Hat Enterprise Linux 9 update for grub2
openEuler update for grub2
Fedora 38 update for grub2
Fedora 39 update for grub2