suse · CVE-2019-14865

Quick triage

Priority: medium Published: 2021-05-30 14:30:41 UTC Updated: 2025-05-01 23:42:12 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2019-14865 severity moderate: SUSE including 22 source package names (grub2, grub2-arm64-efi, …), 137 product×package rows across 25 product lines (SUSE CaaS Platform 3.0, SUSE Container as a Service Platform 2.0, … (25 product lines)): Known Not Affected 124, Fixed 13.

Description:

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

cvelogic Threat Intelligence