packages/grub2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2021-3981

Browse Source 
(cherry picked from commit 3c38566f8b71e0c6d9bff0f208c6dee16b58769e)
This commit is contained in:
xihaochen 2022-03-16 14:19:29 +08:00 committed by openeuler-sync-bot
parent 1b1d8d2ec6
commit 17a445ed58
3 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
backport-CVE-2021-3981-restore-umask-for-the-grub.patch Normal file
View File

@ -0,0 +1,41 @@
From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Fri, 3 Dec 2021 16:13:28 +0800
Subject: grub-mkconfig: Restore umask for the grub.cfg
The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
configuration by grub-mkconfig) has inadvertently discarded umask for
creating grub.cfg in the process of running grub-mkconfig. The resulting
wrong permission (0644) would allow unprivileged users to read GRUB
configuration file content. This presents a low confidentiality risk
as grub.cfg may contain non-secured plain-text passwords.
This patch restores the missing umask and sets the creation file mode
to 0600 preventing unprivileged access.
Fixes: CVE-2021-3981
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
util/grub-mkconfig.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index c3ea761..62335d0 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
exit 1
else
# none of the children aborted with error, install the new grub.cfg
+ oldumask=$(umask)
+ umask 077
cat ${grub_cfg}.new > ${grub_cfg}
+ umask $oldumask
rm -f ${grub_cfg}.new
fi
fi
--
cgit v1.1

1
grub.patches
View File

@ -358,3 +358,4 @@ Patch0357: support-TPM2.0.patch
Patch0358: use-default-timestamp.patch Patch0358: use-default-timestamp.patch
Patch0359: backport-arm64-Fix-EFI-loader-kernel-image-allocation.patch Patch0359: backport-arm64-Fix-EFI-loader-kernel-image-allocation.patch
Patch0360: backport-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch Patch0360: backport-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch
Patch0361: backport-CVE-2021-3981-restore-umask-for-the-grub.patch

8
grub2.spec
View File

@ -8,7 +8,7 @@
Name: grub2 Name: grub2
Epoch: 1 Epoch: 1
Version: 2.04 Version: 2.04
Release: 24 Release: 25
Summary: Bootloader with support for Linux, Multiboot and more Summary: Bootloader with support for Linux, Multiboot and more
License: GPLv3+ License: GPLv3+
URL: http://www.gnu.org/software/grub/ URL: http://www.gnu.org/software/grub/
@ -450,6 +450,12 @@ rm -r /boot/grub2.tmp/ || :
%{_datadir}/man/man* %{_datadir}/man/man*
%changelog %changelog
* Wed Mar 16 2022 xihaochen <xihaochen@h-partners.com> - 2.04-25
- Type:CVE
- CVE:CVE-2021-3981
- SUG:NA
- DESC:Fix CVE-2021-3981
* Sat Feb 26 2022 yanan <yanan@huawei.com> - 2.04-24 * Sat Feb 26 2022 yanan <yanan@huawei.com> - 2.04-24
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA