GRUB2 grub.cfg configuration file is created with the wrong permission (0644) allowing unprivileged users to read grub's configuration file content. This presents a low Confidentiality risk as grub.cfg may contain encrypted passwords.
Created grub2 tracking bugs for this issue: Affects: fedora-all [bug 2030358]
Upstream patch for this issue: https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0adec29674561034771c13e446069b41ef41e4d4
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:2110 https://access.redhat.com/errata/RHSA-2022:2110
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3981