]> git.ipfire.org Git - thirdparty/grub.git/commit
projects / thirdparty / grub.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fca6c0a) | patch
net/bootp: Prevent a UAF in network interface unregister
authorLidong Chen <lidong.chen@oracle.com>
Tue, 21 Oct 2025 21:20:03 +0000 (21:20 +0000)
committerDaniel Kiper <daniel.kiper@oracle.com>
Fri, 24 Oct 2025 18:05:07 +0000 (20:05 +0200)
commitcd24e259108aa433115345952f5b7ed918de0afa
tree1e7998c8e8084c4b8df5aa6005a13115470cd55dtree | snapshot
parentfca6c0afdaec07a2bad91894b1deab63ad3211a9commit | diff
net/bootp: Prevent a UAF in network interface unregister

A UAF occurs in grub_net_network_level_interface_unregister()
when inter->name is accessed after being freed in grub_cmd_bootp().
Fix it by deferring grub_free(ifaces[j].name) until after
grub_net_network_level_interface_unregister() completes.

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/net/bootp.c diff | blob | blame | history
Mirror of https://git.savannah.gnu.org/git/grub.git