CVE-2021-3981
Description
A flaw in grub2 configuration file permissions allows unprivileged users to read grub.cfg, potentially exposing encrypted passwords.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The GRUB2 configuration file grub.cfg is created with incorrect permissions (0644) instead of restricted permissions, allowing any local unprivileged user to read its contents. This affects GRUB2 versions 2.06 and earlier [4]. The file may contain encrypted passwords used for boot menu protection.
Exploitation
An unprivileged user with local access to the system can simply read the file, typically located at /boot/grub2/grub.cfg or similar, due to the world-readable permission [4]. No authentication beyond a standard user account is required, and no special privileges or user interaction are needed.
Impact
A local attacker can read encrypted passwords stored in grub.cfg. While the passwords are hashed, they may be susceptible to offline brute-force attacks, potentially allowing the attacker to bypass boot-level authentication and gain unauthorized access to the system.
Mitigation
The issue has been fixed upstream, but no official release with the fix is currently available [4]. As a workaround, administrators can manually set restrictive permissions on grub.cfg (e.g., chmod 600). Gentoo GLSA 202209-12 recommends upgrading to sys-boot/grub-2.06-r3 [3]. There is no KEV listing.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
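To turn the Mitigation section into something a host can be checked against, here is an added shell example; it is not part of this CVE record or of GRUB itself. It audits whether a given grub.cfg is readable by group or others (the CVE-2021-3981 condition), counts the password directives such a file would expose, and optionally applies the chmod 600 workaround. The function names and the sample config used to exercise it are constructed for this example.

```shell
#!/bin/sh
# Added example, not from this CVE record or GRUB: audit a grub.cfg for the
# CVE-2021-3981 exposure and apply the chmod 600 workaround. Assumes POSIX sh
# with GNU or BSD stat(1); function names are this example's own.

# Octal permission bits of a file, e.g. "644" (GNU stat first, BSD fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%OLp' "$1"
}

# 0 when neither group nor others can read the file, 1 when it is exposed
# (the CVE-2021-3981 condition), 2 when the file does not exist.
grub_cfg_is_restricted() {
    cfg="$1"
    [ -f "$cfg" ] || return 2
    mode=$(file_mode "$cfg")
    go=${mode#"${mode%??}"}   # last two digits: group and other
    g=${go%?}
    o=${go#?}
    if [ $((g & 4)) -ne 0 ] || [ $((o & 4)) -ne 0 ]; then   # read is bit 4
        return 1
    fi
    return 0
}

# Count boot-menu password directives (password / password_pbkdf2); these
# hashes are what a world-readable grub.cfg leaks.
grub_cfg_password_lines() {
    grep -c -E '^[[:space:]]*password(_pbkdf2)?[[:space:]]' "$1" || true
}

# The advisory's workaround: restrict the file to its owner.
harden_grub_cfg() {
    chmod 600 "$1" && grub_cfg_is_restricted "$1"
}

# Report the state of one grub.cfg; pass "fix" as the second argument to
# apply the workaround. Returns 0 (ok / fixed), 1 (still exposed), 2 (missing).
audit_grub_cfg() {
    cfg="$1"; rc=0
    grub_cfg_is_restricted "$cfg" || rc=$?
    case $rc in
        0) echo "OK: $cfg is not readable by group or others"; return 0 ;;
        2) echo "MISSING: $cfg"; return 2 ;;
    esac
    n=$(grub_cfg_password_lines "$cfg")
    echo "EXPOSED: $cfg is mode $(file_mode "$cfg") with $n password directive(s)"
    [ "$2" = "fix" ] && harden_grub_cfg "$cfg" && return 0
    return 1
}
```

Run it as root against the distribution's actual path, for example `audit_grub_cfg /boot/grub2/grub.cfg fix`; on a fixed package the report should already read OK.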
Affected products (21 entries)
- grub2/grub2 (description)
- OSV coordinates (19 versions), range: < 1:2.02-123.el8.alma (+ 18 more):
  pkg:rpm/almalinux/grub2-common
  pkg:rpm/almalinux/grub2-efi-aa64
  pkg:rpm/almalinux/grub2-efi-aa64-cdboot
  pkg:rpm/almalinux/grub2-efi-aa64-modules
  pkg:rpm/almalinux/grub2-efi-ia32
  pkg:rpm/almalinux/grub2-efi-ia32-cdboot
  pkg:rpm/almalinux/grub2-efi-ia32-modules
  pkg:rpm/almalinux/grub2-efi-x64
  pkg:rpm/almalinux/grub2-efi-x64-cdboot
  pkg:rpm/almalinux/grub2-efi-x64-modules
  pkg:rpm/almalinux/grub2-pc
  pkg:rpm/almalinux/grub2-pc-modules
  pkg:rpm/almalinux/grub2-ppc64le
  pkg:rpm/almalinux/grub2-ppc64le-modules
  pkg:rpm/almalinux/grub2-tools
  pkg:rpm/almalinux/grub2-tools-efi
  pkg:rpm/almalinux/grub2-tools-extra
  pkg:rpm/almalinux/grub2-tools-minimal
  pkg:rpm/opensuse/grub2&distro=openSUSE%20Tumbleweed
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8_6.8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 1:2.02-123.el8.alma
- (no CPE) range: < 2.06-13.1
Patches (0)
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References (4)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AI776L35DDYPCSAAJPJM3ZEQYSFZHBJX/ (mitre; vendor-advisory; x_refsource_FEDORA)
- security.gentoo.org/glsa/202209-12 (mitre; vendor-advisory; x_refsource_GENTOO)
- bugzilla.redhat.com/show_bug.cgi (mitre; x_refsource_MISC)
- www.openwall.com/lists/oss-security/2024/01/15/3 (mitre)
News mentions (0)
No linked articles in our index yet.