]> git.ipfire.org Git - thirdparty/grub.git/commit
projects / thirdparty / grub.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 26db660) | patch
fs: Disable many filesystems under lockdown
authorDaniel Axtens <dja@axtens.net>
Sat, 23 Mar 2024 05:20:45 +0000 (16:20 +1100)
committerDaniel Kiper <daniel.kiper@oracle.com>
Thu, 13 Feb 2025 14:45:56 +0000 (15:45 +0100)
commitc4bc55da28543d2522a939ba4ee0acde45f2fa74
tree5495d7c8f012a293506f869b25d17784c05d6f41tree
parent26db6605036bd9e5b16d9068a8cc75be63b8b630commit | diff
fs: Disable many filesystems under lockdown

The idea is to permit the following: btrfs, cpio, exfat, ext, f2fs, fat,
hfsplus, iso9660, squash4, tar, xfs and zfs.

The JFS, ReiserFS, romfs, UDF and UFS security vulnerabilities were
reported by Jonathan Bar Or <jonathanbaror@gmail.com>.

Fixes: CVE-2025-0677
Fixes: CVE-2025-0684
Fixes: CVE-2025-0685
Fixes: CVE-2025-0686
Fixes: CVE-2025-0689
Suggested-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/fs/affs.c diff | blob | blame | history
grub-core/fs/cbfs.c diff | blob | blame | history
grub-core/fs/jfs.c diff | blob | blame | history
grub-core/fs/minix.c diff | blob | blame | history
grub-core/fs/nilfs2.c diff | blob | blame | history
grub-core/fs/ntfs.c diff | blob | blame | history
grub-core/fs/reiserfs.c diff | blob | blame | history
grub-core/fs/romfs.c diff | blob | blame | history
grub-core/fs/sfs.c diff | blob | blame | history
grub-core/fs/udf.c diff | blob | blame | history
grub-core/fs/ufs.c diff | blob | blame | history
Mirror of https://git.savannah.gnu.org/git/grub.git