!527 fix CVE-2024-56738

From: @zhangqiumiao Reviewed-by: @t_feng Signed-off-by: @t_feng
2025-04-08 03:02:58 +00:00 · 2025-04-08 03:02:58 +00:00 · 9e78f48f2d
commit 9e78f48f2d
parent 5fb9a426e9 66764598e4
3 changed files with 50 additions and 1 deletions
--- a/backport-fix-CVE-2024-56738.patch
+++ b/backport-fix-CVE-2024-56738.patch
@ -0,0 +1,42 @@
 From 8b1b47efd667ea3450681fa0c674045980e25360 Mon Sep 17 00:00:00 2001
 From: Jonathan Bar Or <jonathanbaror@gmail.com>
 Date: Mon, 7 Apr 2025 09:36:34 +0000
 Subject: [PATCH] fix CVE-2024-56738
 Reference:https://savannah.gnu.org/bugs/?66603
 Conflict:NA
 ---
 grub-core/lib/crypto.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
 diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
 index d53ddbe..653aab7 100644
 --- a/grub-core/lib/crypto.c
 +++ b/grub-core/lib/crypto.c
@@ -440,16 +440,16 @@ grub_crypto_gcry_error (gcry_err_code_t in)
 int
 grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
 {
 -  register grub_size_t counter = 0;
 -  const grub_uint8_t *pa, *pb;
 +  register grub_uint8_t indicator = 0;
 +  const grub_uint8_t *pa = a, *pb = b;
 +  grub_size_t i;
 -  for (pa = a, pb = b; n; pa++, pb++, n--)
 +  for (i = 0; i < n; i++)
     {
 -      if (*pa != *pb)
 -	counter++;
 +	indicator |= (pa[i] ^ pb[i]);
     }
 -  return !!counter;
 +  return !!indicator;
 }
 #ifndef GRUB_UTIL
 -- 
 2.33.0
--- a/grub.patches
+++ b/grub.patches
@ -494,3 +494,4 @@ Patch0493: backport-0027-commands-minicmd-Block-the-dump-command-in-lockdown-.pa
 Patch0494: backport-0028-fs-bfs-Disable-under-lockdown.patch
 Patch0495: backport-0029-fs-Disable-many-filesystems-under-lockdown.patch
 Patch0496: backport-0030-fs-Prevent-overflows-when-allocating-memory-for-arra.patch
 Patch0497: backport-fix-CVE-2024-56738.patch
--- a/grub2.spec
+++ b/grub2.spec
@ -8,7 +8,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.04
-Release:	40
+Release:	41
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@ -442,6 +442,12 @@ rm -r /boot/grub2.tmp/ || :
 %{_datadir}/man/man*
 %changelog
 * Tue Apr 8 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-41
 - Type:CVE
 - CVE:CVE-2024-56738
 - SUG:NA
 - DESC:fix CVE-2024-56738
 * Sat Feb 22 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-40
 - Type:CVE
 - CVE:CVE-2024-45781,CVE-2024-45782,CVE-2024-56737,CVE-2024-45780,CVE-2024-45783,CVE-2024-49504,CVE-2025-0624,CVE-20