CVE-2021-46705

Summary

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Linux Enterprise Server 15 SP4grub2 < 2.06-150400.7.1affected
SUSEopenSUSE Factorygrub2 < 2.06-18.1affected

Weaknesses

  • CWE-377: CWE-377: Insecure Temporary File

ADP Enrichment

CVE Program Container

Additional References

References