CVE-2024-1048
Published: 6 February 2024
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.
Notes
| Author | Note |
|---|---|
| eslerm | the grub2 package does not affect Ubuntu's Secure Boot grub2-unsigned contains Secure Boot security fixes grub2 and grub2-unsigned should have same major version Ubuntu Secure Boot and ESM do not cover i386 trusty's GA kernel cannot handle new versions of grub Note that key revocation is required to protect against evil housekeeper attacks (such as BlackLotus) |
| mdeslaur | This issue is in a RedHat-specific addition and does not affect Debian or Ubuntu |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
grub2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(does not affect Secure Boot)
|
| focal |
Not vulnerable
(does not affect Secure Boot)
|
|
| jammy |
Not vulnerable
(does not affect Secure Boot)
|
|
| mantic |
Not vulnerable
(does not affect Secure Boot)
|
|
| noble |
Not vulnerable
(does not affect Secure Boot)
|
|
| trusty |
Not vulnerable
(does not affect Secure Boot)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(does not affect Secure Boot)
|
|
|
grub2-signed Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(RH specific)
|
| focal |
Not vulnerable
(RH specific)
|
|
| jammy |
Not vulnerable
(RH specific)
|
|
| mantic |
Not vulnerable
(RH specific)
|
|
| noble |
Not vulnerable
(RH specific)
|
|
| trusty |
Not vulnerable
(RH specific)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(RH specific)
|
|
|
grub2-unsigned Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(RH specific)
|
| focal |
Not vulnerable
(RH specific)
|
|
| jammy |
Not vulnerable
(RH specific)
|
|
| mantic |
Not vulnerable
(RH specific)
|
|
| noble |
Not vulnerable
(RH specific)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(RH specific)
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 3.3 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | Low |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |