projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7ad3214) | patch
fs: Disable many filesystems under lockdown
authorDaniel Axtens <dja@axtens.net>
Sat, 23 Mar 2024 05:20:45 +0000 (16:20 +1100)
committerMiao Wang <shankerwangmiao@gmail.com>
Sun, 15 Feb 2026 13:50:20 +0000 (13:50 +0000)
commit21422762ca0545992326f86dc6e7d45f870bc81f
tree7273b5e49e5e926e2b9815444e7d1c4b20f9e13etree | snapshot
parent7ad3214789749eea8bd30616e5ecb753cd7b37c2commit | diff
fs: Disable many filesystems under lockdown

The idea is to permit the following: btrfs, cpio, exfat, ext, f2fs, fat,
hfsplus, iso9660, squash4, tar, xfs and zfs.

The JFS, ReiserFS, romfs, UDF and UFS security vulnerabilities were
reported by Jonathan Bar Or <jonathanbaror@gmail.com>.

Fixes: CVE-2025-0677
Fixes: CVE-2025-0684
Fixes: CVE-2025-0685
Fixes: CVE-2025-0686
Fixes: CVE-2025-0689
Suggested-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name fs-Disable-many-filesystems-under-lockdown.patch
grub-core/fs/affs.c diff | blob | history
grub-core/fs/cbfs.c diff | blob | history
grub-core/fs/jfs.c diff | blob | history
grub-core/fs/minix.c diff | blob | history
grub-core/fs/nilfs2.c diff | blob | history
grub-core/fs/ntfs.c diff | blob | history
grub-core/fs/reiserfs.c diff | blob | history
grub-core/fs/romfs.c diff | blob | history
grub-core/fs/sfs.c diff | blob | history
grub-core/fs/udf.c diff | blob | history
grub-core/fs/ufs.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.