proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-07-21 01:58:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
9c5565135f
grub2/grub-core/mmap
History
Javier Martinez Canillas d298b41f90 mmap: Don't register cutmem and badram commands when lockdown is enforced 
The cutmem and badram commands can be used to remove EFI memory regions
and potentially disable the UEFI Secure Boot. Prevent the commands to be
registered if the GRUB is locked down.

Fixes: CVE-2020-27779

Reported-by: Teddy Reed <teddy.reed@gmail.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:15 +01:00
..
efi Translate UEFI persistent memory type 2015-12-15 10:25:34 +03:00
i386 xen: Prepare common code for Xen PVH support 2018-12-12 12:03:27 +01:00
mips Remove nested functions from memory map iterators. 2013-01-15 12:02:35 +00:00
mmap.c mmap: Don't register cutmem and badram commands when lockdown is enforced 2021-03-02 15:54:15 +01:00