Insecure Temporary File Vulnerability in Grub-once of Grub2 in SUSE Linux Enterprise Server 15 SP4 and openSUSE Factory

CVE-2021-46705 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.