code.ossystems Code Review - openembedded-core.git/commit
grub: add a fix for CVE-2020-25632
author Marta Rybczynska <rybczynska@gmail.com>
Wed, 26 Jan 2022 09:20:43 +0000 (10:20 +0100)
committer Steve Sakoman <steve@sakoman.com>
Mon, 7 Feb 2022 14:40:13 +0000 (04:40 -1000)
commit d61b9588e5691ef390cfc0f03dc6cb0d142f36de
tree 8b2a226ab84e3ed4ae606979250599ecb5dc79d3
parent b7f79fbf23488b954987dfc4aa867e42bdce7fee

Fix grub issue with module dereferencing. From the official description
from NVD [1]:

   The rmmod implementation allows the unloading of a module used as
   a dependency without checking if any other dependent module is still
   loaded leading to a use-after-free scenario. This could allow
   arbitrary code to be executed or a bypass of Secure Boot protections.

This patch is a part of a bigger security collection for grub [2].

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-25632
[2] https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-bsp/grub/files/CVE-2020-25632.patch [new file with mode: 0644]
meta/recipes-bsp/grub/grub2.inc