mirror of
https://git.yoctoproject.org/poky
synced 2026-06-01 13:09:50 +00:00
Peter Marko
63b8665d9c
Cherry-pick patch mentioning this CVE. (From OE-Core rev: 7c18697372444ef9e4df03b7c9de7b8da7f4f600) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
40 lines
1.3 KiB
Diff
40 lines
1.3 KiB
Diff
From f7c070a2e28dfab7137db0739fb8db1dc02d8898 Mon Sep 17 00:00:00 2001
|
|
From: B Horn <b@horn.uk>
|
|
Date: Sun, 12 May 2024 06:22:51 +0100
|
|
Subject: [PATCH] fs/hfsplus: Set a grub_errno if mount fails
|
|
|
|
It was possible for mount to fail but not set grub_errno. This led to
|
|
a possible double decrement of the module reference count if the NULL
|
|
page was mapped.
|
|
|
|
Fixing in general as a similar bug was fixed in commit 61b13c187
|
|
(fs/hfsplus: Set grub_errno to prevent NULL pointer access) and there
|
|
are likely more variants around.
|
|
|
|
Fixes: CVE-2024-45783
|
|
|
|
Reported-by: B Horn <b@horn.uk>
|
|
Signed-off-by: B Horn <b@horn.uk>
|
|
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
|
|
CVE: CVE-2024-45783
|
|
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f7c070a2e28dfab7137db0739fb8db1dc02d8898]
|
|
Signed-off-by: Peter Marko <peter.marko@siemens.com>
|
|
---
|
|
grub-core/fs/hfsplus.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c
|
|
index 295822f69..de71fd486 100644
|
|
--- a/grub-core/fs/hfsplus.c
|
|
+++ b/grub-core/fs/hfsplus.c
|
|
@@ -405,7 +405,7 @@ grub_hfsplus_mount (grub_disk_t disk)
|
|
|
|
fail:
|
|
|
|
- if (grub_errno == GRUB_ERR_OUT_OF_RANGE)
|
|
+ if (grub_errno == GRUB_ERR_OUT_OF_RANGE || grub_errno == GRUB_ERR_NONE)
|
|
grub_error (GRUB_ERR_BAD_FS, "not a HFS+ filesystem");
|
|
|
|
grub_free (data);
|