fix CVE-2024-56738
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
This commit is contained in:
Qiumiao Zhang
parent
5fb9a426e9
commit
66764598e4
42
backport-fix-CVE-2024-56738.patch
Normal file
42
backport-fix-CVE-2024-56738.patch
Normal file
@ -0,0 +1,42 @@
|
||||
From 8b1b47efd667ea3450681fa0c674045980e25360 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Bar Or <jonathanbaror@gmail.com>
|
||||
Date: Mon, 7 Apr 2025 09:36:34 +0000
|
||||
Subject: [PATCH] fix CVE-2024-56738
|
||||
|
||||
Reference:https://savannah.gnu.org/bugs/?66603
|
||||
Conflict:NA
|
||||
|
||||
---
|
||||
grub-core/lib/crypto.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
|
||||
index d53ddbe..653aab7 100644
|
||||
--- a/grub-core/lib/crypto.c
|
||||
+++ b/grub-core/lib/crypto.c
|
||||
@@ -440,16 +440,16 @@ grub_crypto_gcry_error (gcry_err_code_t in)
|
||||
int
|
||||
grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
|
||||
{
|
||||
- register grub_size_t counter = 0;
|
||||
- const grub_uint8_t *pa, *pb;
|
||||
+ register grub_uint8_t indicator = 0;
|
||||
+ const grub_uint8_t *pa = a, *pb = b;
|
||||
+ grub_size_t i;
|
||||
|
||||
- for (pa = a, pb = b; n; pa++, pb++, n--)
|
||||
+ for (i = 0; i < n; i++)
|
||||
{
|
||||
- if (*pa != *pb)
|
||||
- counter++;
|
||||
+ indicator |= (pa[i] ^ pb[i]);
|
||||
}
|
||||
|
||||
- return !!counter;
|
||||
+ return !!indicator;
|
||||
}
|
||||
|
||||
#ifndef GRUB_UTIL
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -494,3 +494,4 @@ Patch0493: backport-0027-commands-minicmd-Block-the-dump-command-in-lockdown-.pa
|
||||
Patch0494: backport-0028-fs-bfs-Disable-under-lockdown.patch
|
||||
Patch0495: backport-0029-fs-Disable-many-filesystems-under-lockdown.patch
|
||||
Patch0496: backport-0030-fs-Prevent-overflows-when-allocating-memory-for-arra.patch
|
||||
Patch0497: backport-fix-CVE-2024-56738.patch
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
Name: grub2
|
||||
Epoch: 1
|
||||
Version: 2.04
|
||||
Release: 40
|
||||
Release: 41
|
||||
Summary: Bootloader with support for Linux, Multiboot and more
|
||||
License: GPLv3+
|
||||
URL: http://www.gnu.org/software/grub/
|
||||
@ -442,6 +442,12 @@ rm -r /boot/grub2.tmp/ || :
|
||||
%{_datadir}/man/man*
|
||||
|
||||
%changelog
|
||||
* Tue Apr 8 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-41
|
||||
- Type:CVE
|
||||
- CVE:CVE-2024-56738
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2024-56738
|
||||
|
||||
* Sat Feb 22 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-40
|
||||
- Type:CVE
|
||||
- CVE:CVE-2024-45781,CVE-2024-45782,CVE-2024-56737,CVE-2024-45780,CVE-2024-45783,CVE-2024-49504,CVE-2025-0624,CVE-20
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user