Home > Vulnerability Database > CVE-2024-1048

Mend.io Vulnerability Database

CVE-2024-1048

Good to know:

Date: February 6, 2024

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.

Language: C

Severity Score

3.3

Related Resources (10)

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/

Url: https://www.openwall.com/lists/oss-security/2024/02/06/3

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRZQCVZ3XOASVFT6XLO7F2ZXOLOHIJZQ/

Url: https://security.netapp.com/advisory/ntap-20240223-0007/

Url: http://www.openwall.com/lists/oss-security/2024/02/06/3

Url: https://access.redhat.com/errata/RHSA-2024:2456

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-1048

Url: https://access.redhat.com/security/cve/CVE-2024-1048

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2256827

Url: https://www.mend.io/vulnerability-database/CVE-2024-1048

Severity Score

3.3

Weakness Type (CWE)

Incomplete Cleanup

CWE-459

Top Fix

Upgrade Version

Upgrade to version b49dd0027f5db130ecb14b136f8d33fe5aa05cf8

Learn More

CVSS v3.1

Base Score:	3.3
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-1048

Good to know:

Date: February 6, 2024

Language: C

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?