CVE-2024-49504

Nov. 13, 2024, 7:35 p.m.

None
No Score

Description

grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.

Product(s) Impacted

Product Versions
GRUB2

Weaknesses

CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49504

Tags

CWE-276
meissner@suse.de
2024-11-13
CVE-2024-49504

Date

  • Published: Nov. 13, 2024, 3:15 p.m.
  • Last Modified: Nov. 13, 2024, 7:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

meissner@suse.de

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.