projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5eb8070) | patch
kern/disk: Limit recursion depth
authorB Horn <b@horn.uk>
Sun, 12 May 2024 03:09:24 +0000 (04:09 +0100)
committerFelix Zielcke <fzielcke@z-51.de>
Thu, 3 Jul 2025 16:35:51 +0000 (18:35 +0200)
commitee5771f256e36b3890f16c007812f869f66b7335
tree2d00a516888bc06c4738db378769c980dc118f77tree | snapshot
parent5eb8070ebcecb2119241e834dd388e8f8a08af39commit | diff
kern/disk: Limit recursion depth

The grub_disk_read() may trigger other disk reads, e.g. via loopbacks.
This may lead to very deep recursion which can corrupt the heap. So, fix
the issue by limiting reads depth.

Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name kern-disk-Limit-recursion-depth.patch
grub-core/kern/disk.c diff | blob | history
include/grub/err.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.