mirror of
https://codeberg.org/canoeboot/cbmk.git
synced 2025-02-22 14:30:49 +00:00
b74a7f0cc6
You can find information about these patches here: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html GRUB has been on a crusade as of late, to proactively audit and fix many security vulnerabilities. This lbmk change brings in a comprehensive series of patches that fix bugs ranging from possible buffer overflows, use-after frees, null derefs and so on. These changes are critical, so a revision release *will* be issued, for the Libreboot 20241206 release series. This change imports the following 73 patches which are present on the upstream GRUB repository (commit IDs matched to upstream): * 4dc616657 loader/i386/bsd: Use safe math to avoid underflow * 490a6ab71 loader/i386/linux: Cast left shift to grub_uint32_t * a8d6b0633 kern/misc: Add sanity check after grub_strtoul() call * 8e6e87e79 kern/partition: Add sanity check after grub_strtoul() call * 5b36a5210 normal/menu: Use safe math to avoid an integer overflow * 9907d9c27 bus/usb/ehci: Define GRUB_EHCI_TOGGLE as grub_uint32_t * f8795cde2 misc: Ensure consistent overflow error messages * 66733f7c7 osdep/unix/getroot: Fix potential underflow * d13b6e8eb script/execute: Fix potential underflow and NULL dereference * e3c578a56 fs/sfs: Check if allocated memory is NULL * 1c06ec900 net: Check if returned pointer for allocated memory is NULL * dee2c14fd net: Prevent overflows when allocating memory for arrays * 4beeff8a3 net: Use safe math macros to prevent overflows * dd6a4c8d1 fs/zfs: Add missing NULL check after grub_strdup() call * 13065f69d fs/zfs: Check if returned pointer for allocated memory is NULL * 7f38e32c7 fs/zfs: Prevent overflows when allocating memory for arrays * 88e491a0f fs/zfs: Use safe math macros to prevent overflows * cde9f7f33 fs: Prevent overflows when assigning returned values from read_number() * 84bc0a9a6 fs: Prevent overflows when allocating memory for arrays * 6608163b0 fs: Use safe math macros to prevent overflows * fbaddcca5 disk/ieee1275/ofdisk: Call grub_ieee1275_close() when grub_malloc() fails * 33bd6b5ac disk: Check if returned pointer for allocated memory is NULL * d8151f983 disk: Prevent overflows when allocating memory for arrays * c407724da disk: Use safe math macros to prevent overflows * c4bc55da2 fs: Disable many filesystems under lockdown * 26db66050 fs/bfs: Disable under lockdown * 5f31164ae commands/hexdump: Disable memory reading in lockdown mode * 340e4d058 commands/memrw: Disable memory reading in lockdown mode * 34824806a commands/minicmd: Block the dump command in lockdown mode * c68b7d236 commands/test: Stack overflow due to unlimited recursion depth * dad8f5029 commands/read: Fix an integer overflow when supplying more than 2^31 characters * b970a5ed9 gettext: Integer overflow leads to heap OOB write * 09bd6eb58 gettext: Integer overflow leads to heap OOB write or read * 7580addfc gettext: Remove variables hooks on module unload * 9c1619773 normal: Remove variables hooks on module unload * 2123c5bca commands/pgp: Unregister the "check_signatures" hooks on module unload * 0bf56bce4 commands/ls: Fix NULL dereference * 05be856a8 commands/extcmd: Missing check for failed allocation * 98ad84328 kern/dl: Check for the SHF_INFO_LINK flag in grub_dl_relocate_symbols() * d72208423 kern/dl: Use correct segment in grub_dl_set_mem_attrs() * 500e5fdd8 kern/dl: Fix for an integer overflow in grub_dl_ref() * 2c34af908 video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG * 0707accab net/tftp: Fix stack buffer overflow in tftp_open() * 5eef88152 net: Fix OOB write in grub_net_search_config_file() * aa8b4d7fa net: Remove variables hooks when interface is unregisted * a1dd8e59d net: Unregister net_default_ip and net_default_mac variables hooks on unload * d8a937cca script/execute: Limit the recursion depth * 8a7103fdd kern/partition: Limit recursion in part_iterate() * 18212f064 kern/disk: Limit recursion depth * 67f70f70a disk/loopback: Reference tracking for the loopback * 13febd78d disk/cryptodisk: Require authentication after TPM unlock for CLI access * 16f196874 kern/file: Implement filesystem reference counting * a79106872 kern/file: Ensure file->data is set * d1d6b7ea5 fs/xfs: Ensuring failing to mount sets a grub_errno * 6ccc77b59 fs/xfs: Fix out-of-bounds read * 067b6d225 fs/ntfs: Implement attribute verification * 048777bc2 fs/ntfs: Use a helper function to access attributes * 237a71184 fs/ntfs: Track the end of the MFT attribute buffer * aff263187 fs/ntfs: Fix out-of-bounds read * 7e2f750f0 fs/ext2: Fix out-of-bounds read for inline extents * edd995a26 fs/jfs: Inconsistent signed/unsigned types usage in return values * bd999310f fs/jfs: Use full 40 bits offset and address for a data extent * ab09fd053 fs/jfs: Fix OOB read caused by invalid dir slot index * 66175696f fs/jfs: Fix OOB read in jfs_getent() * 1443833a9 fs/iso9660: Fix invalid free * 965db5970 fs/iso9660: Set a grub_errno if mount fails * f7c070a2e fs/hfsplus: Set a grub_errno if mount fails * 563436258 fs/f2fs: Set a grub_errno if mount fails * 0087bc690 fs/tar: Integer overflow leads to heap OOB write * 2c8ac08c9 fs/tar: Initialize name in grub_cpio_find_file() * 417547c10 fs/hfs: Fix stack OOB write with grub_strcpy() * c1a291b01 fs/ufs: Fix a heap OOB write * ea703528a misc: Implement grub_strlcpy() Signed-off-by: Leah Rowe <leah@libreboot.org> |
||
|---|---|---|
| .. | ||
| coreboot | ||
| data | ||
| dependencies | ||
| flashprog | ||
| git | ||
| grub | ||
| ifd | ||
| memtest86plus/patches | ||
| pcsx-redux | ||
| pico-sdk | ||
| seabios/default | ||
| snippet | ||
| stm32-vserprog/patches | ||
| submodule | ||
| u-boot | ||
| uefitool/patches | ||