projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d754dfb) | patch
kern/disk: Limit recursion depth
authorB Horn <b@horn.uk>
Sun, 12 May 2024 03:09:24 +0000 (04:09 +0100)
committerFelix Zielcke <fzielcke@z-51.de>
Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)
commit6673fa7c52c35940732be4590eceff6b02281e9f
tree59c6f9faa2d206908e2630afda331f31cbfcd6adtree | snapshot
parentd754dfb2119c851674ea0a0396456ba18060a3b4commit | diff
kern/disk: Limit recursion depth

The grub_disk_read() may trigger other disk reads, e.g. via loopbacks.
This may lead to very deep recursion which can corrupt the heap. So, fix
the issue by limiting reads depth.

Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name kern-disk-Limit-recursion-depth.patch
grub-core/kern/disk.c diff | blob | history
include/grub/err.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.