projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d99b840) | patch
commands/minicmd: Block the dump command in lockdown mode
authorB Horn <b@horn.uk>
Thu, 18 Apr 2024 19:29:39 +0000 (20:29 +0100)
committerFelix Zielcke <fzielcke@z-51.de>
Thu, 3 Jul 2025 16:35:51 +0000 (18:35 +0200)
commit5a6db63d68d95d47954eeec01ec0ad87d8c7f202
tree512cc4187aa7d681f7565cb5c360c0044849709etree | snapshot
parentd99b8405d9853fcd72146549b1a15a15c3803614commit | diff
commands/minicmd: Block the dump command in lockdown mode

The dump enables a user to read memory which should not be possible
in lockdown mode.

Fixes: CVE-2025-1118
Reported-by: B Horn <b@horn.uk>
Reported-by: Jonathan Bar Or <jonathanbaror@gmail.com>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name commands-minicmd-Block-the-dump-command-in-lockdown-mode.patch
grub-core/commands/minicmd.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.