Fix CVE-2021-3981
(cherry picked from commit d6a3fb11e7110c0ba1263ba7690679e23383a9bf)
This commit is contained in:
xihaochen
openeuler-sync-bot
parent
ff9ea0a60a
commit
d6708c90ec
41
backport-CVE-2021-3981-restore-umask-for-the-grub.patch
Normal file
41
backport-CVE-2021-3981-restore-umask-for-the-grub.patch
Normal file
@ -0,0 +1,41 @@
|
||||
From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Chang <mchang@suse.com>
|
||||
Date: Fri, 3 Dec 2021 16:13:28 +0800
|
||||
Subject: grub-mkconfig: Restore umask for the grub.cfg
|
||||
|
||||
The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
|
||||
configuration by grub-mkconfig) has inadvertently discarded umask for
|
||||
creating grub.cfg in the process of running grub-mkconfig. The resulting
|
||||
wrong permission (0644) would allow unprivileged users to read GRUB
|
||||
configuration file content. This presents a low confidentiality risk
|
||||
as grub.cfg may contain non-secured plain-text passwords.
|
||||
|
||||
This patch restores the missing umask and sets the creation file mode
|
||||
to 0600 preventing unprivileged access.
|
||||
|
||||
Fixes: CVE-2021-3981
|
||||
|
||||
Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
util/grub-mkconfig.in | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
|
||||
index c3ea761..62335d0 100644
|
||||
--- a/util/grub-mkconfig.in
|
||||
+++ b/util/grub-mkconfig.in
|
||||
@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
|
||||
exit 1
|
||||
else
|
||||
# none of the children aborted with error, install the new grub.cfg
|
||||
+ oldumask=$(umask)
|
||||
+ umask 077
|
||||
cat ${grub_cfg}.new > ${grub_cfg}
|
||||
+ umask $oldumask
|
||||
rm -f ${grub_cfg}.new
|
||||
fi
|
||||
fi
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
@ -353,3 +353,4 @@ Patch0352: backport-0079-efi-tpm-Fix-typo-in-grub_efi_tpm2_protocol-struct.patch
|
||||
Patch0353: backport-0080-misc-Add-parentheses-around-ALIGN_UP-and-ALIGN_DOWN-.patch
|
||||
Patch0354: backport-0081-verifiers-Fix-calling-uninitialized-function-pointer.patch
|
||||
Patch0355: backport-templates-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch
|
||||
Patch0356: backport-CVE-2021-3981-restore-umask-for-the-grub.patch
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
Name: grub2
|
||||
Epoch: 1
|
||||
Version: 2.04
|
||||
Release: 22
|
||||
Release: 23
|
||||
Summary: Bootloader with support for Linux, Multiboot and more
|
||||
License: GPLv3+
|
||||
URL: http://www.gnu.org/software/grub/
|
||||
@ -450,6 +450,12 @@ rm -r /boot/grub2.tmp/ || :
|
||||
%{_datadir}/man/man*
|
||||
|
||||
%changelog
|
||||
* Wed Mar 16 2022 xihaochen <xihaochen@h-partners.com> - 2.04-23
|
||||
- Type:CVE
|
||||
- CVE:CVE-2021-3981
|
||||
- SUG:NA
|
||||
- DESC:Fix CVE-2021-3981
|
||||
|
||||
* Sat Feb 26 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 2.04-22
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user