packages/grub2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2021-3981

Browse Source 
(cherry picked from commit d6a3fb11e7110c0ba1263ba7690679e23383a9bf)
This commit is contained in:
xihaochen 2022-03-16 14:51:31 +08:00 committed by openeuler-sync-bot
parent ff9ea0a60a
commit d6708c90ec
3 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
backport-CVE-2021-3981-restore-umask-for-the-grub.patch Normal file
View File

@ -0,0 +1,41 @@
From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Fri, 3 Dec 2021 16:13:28 +0800
Subject: grub-mkconfig: Restore umask for the grub.cfg
The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
configuration by grub-mkconfig) has inadvertently discarded umask for
creating grub.cfg in the process of running grub-mkconfig. The resulting
wrong permission (0644) would allow unprivileged users to read GRUB
configuration file content. This presents a low confidentiality risk
as grub.cfg may contain non-secured plain-text passwords.
This patch restores the missing umask and sets the creation file mode
to 0600 preventing unprivileged access.
Fixes: CVE-2021-3981
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
util/grub-mkconfig.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index c3ea761..62335d0 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
exit 1
else
# none of the children aborted with error, install the new grub.cfg
+ oldumask=$(umask)
+ umask 077
cat ${grub_cfg}.new > ${grub_cfg}
+ umask $oldumask
rm -f ${grub_cfg}.new
fi
fi
--
cgit v1.1

1
grub.patches
View File

@ -353,3 +353,4 @@ Patch0352: backport-0079-efi-tpm-Fix-typo-in-grub_efi_tpm2_protocol-struct.patch
Patch0353: backport-0080-misc-Add-parentheses-around-ALIGN_UP-and-ALIGN_DOWN-.patch Patch0353: backport-0080-misc-Add-parentheses-around-ALIGN_UP-and-ALIGN_DOWN-.patch
Patch0354: backport-0081-verifiers-Fix-calling-uninitialized-function-pointer.patch Patch0354: backport-0081-verifiers-Fix-calling-uninitialized-function-pointer.patch
Patch0355: backport-templates-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch Patch0355: backport-templates-Fix-bad-test-on-GRUB_DISABLE_SUBMENU.patch
Patch0356: backport-CVE-2021-3981-restore-umask-for-the-grub.patch

8
grub2.spec
View File

@ -8,7 +8,7 @@
Name: grub2 Name: grub2
Epoch: 1 Epoch: 1
Version: 2.04 Version: 2.04
Release: 22 Release: 23
Summary: Bootloader with support for Linux, Multiboot and more Summary: Bootloader with support for Linux, Multiboot and more
License: GPLv3+ License: GPLv3+
URL: http://www.gnu.org/software/grub/ URL: http://www.gnu.org/software/grub/
@ -450,6 +450,12 @@ rm -r /boot/grub2.tmp/ || :
%{_datadir}/man/man* %{_datadir}/man/man*
%changelog %changelog
* Wed Mar 16 2022 xihaochen <xihaochen@h-partners.com> - 2.04-23
- Type:CVE
- CVE:CVE-2021-3981
- SUG:NA
- DESC:Fix CVE-2021-3981
* Sat Feb 26 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 2.04-22 * Sat Feb 26 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 2.04-22
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA