Test ID:	1.3.6.1.4.1.25623.1.1.2.2022.1967
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-1967)
Summary:	The remote host is missing an update for the Huawei EulerOS 'grub2' package(s) announced via the EulerOS-SA-2022-1967 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'grub2' package(s) announced via the EulerOS-SA-2022-1967 advisory. Vulnerability Insight: A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released.(CVE-2021-3981) Affected Software/OS: 'grub2' package(s) on Huawei EulerOS V2.0SP9. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3981 FEDORA-2021-73d63662b0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AI776L35DDYPCSAAJPJM3ZEQYSFZHBJX/ GLSA-202209-12 https://security.gentoo.org/glsa/202209-12 https://bugzilla.redhat.com/show_bug.cgi?id=2024170 http://www.openwall.com/lists/oss-security/2024/01/15/3
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.