CVE-2024-1048
LOWDescription
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| gnu | grub2 |
| redhat | enterprise_linux |
| redhat | enterprise_linux |
| fedoraproject | fedora |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-1048? +
How severe is CVE-2024-1048? +
What products are affected by CVE-2024-1048? +
How do I check if I'm vulnerable to CVE-2024-1048? +
Related Vulnerabilities
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) …
There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of …
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in …
IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php.
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The …
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache …