Grub2: grub2-set-bootflag can be abused by local (pseudo-)users
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.
Affected products
- *
Matching in nixpkgs
pkgs.grub2_light
GNU GRUB, the Grand Unified Boot Loader
-
nixos-unstable -
- nixpkgs-unstable 2.12
pkgs.grub2_xen_pvh
GNU GRUB, the Grand Unified Boot Loader
-
nixos-unstable -
- nixpkgs-unstable 2.12
pkgs.catppuccin-grub
Soothing pastel theme for GRUB
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.sleek-grub-theme
Grub bootloader themes, contains light/dark/orange/bigSur styles
-
nixos-unstable -
- nixpkgs-unstable 2024-08-11
pkgs.grub2_pvgrub_image
PvGrub2 image for booting PV Xen guests
pkgs.minimal-grub-theme
Minimalistic GRUB theme insipired by primitivistical and vimix
-
nixos-unstable -
- nixpkgs-unstable 0.3.0
pkgs.grub2_pvhgrub_image
PvGrub2 image for booting PVH Xen guests
pkgs.kdePackages.breeze-grub
GRUB theme for the Breeze visual style for the Plasma Desktop
-
nixos-unstable -
- nixpkgs-unstable 6.4.5
Package maintainers
-
@isabelroses Isabel Roses <isabel@isabelroses.com>
-
@mimvoid mimvoid <mimvoid@proton.me>
-
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
-
@hehongbo Hongbo
-
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@K900 Ilya K. <me@0upti.me>
-
@azuwis Zhong Jianxin <azuwis@gmail.com>
-
@luochen1990 Luo Chen <luochen1990@gmail.com>