projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 585a329) | patch
commands/pgp: Unregister the "check_signatures" hooks on module unload
authorB Horn <b@horn.uk>
Fri, 1 Nov 2024 19:24:29 +0000 (19:24 +0000)
committerMiao Wang <shankerwangmiao@gmail.com>
Sun, 15 Feb 2026 13:50:20 +0000 (13:50 +0000)
commit68bf5b14204fdb19f6d29d2fc19b9ff4ee8b90f1
tree25668f8a87010c85079a5ee83ca2270f5412d2c0tree | snapshot
parent585a329f11ed8596be0b14628a6c5e198bac4842commit | diff
commands/pgp: Unregister the "check_signatures" hooks on module unload

If the hooks are not removed they can be called after the module has
been unloaded leading to an use-after-free.

Fixes: CVE-2025-0622
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name commands-pgp-Unregister-the-check_signatures-hooks-on-mod.patch
grub-core/commands/pgp.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.