mirror of
https://git.yoctoproject.org/poky
synced 2026-05-18 14:27:55 +02:00
f5fe6f2a64
Fix grub issue with module dereferencing. From the official description from NVD [1]: The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. This patch is a part of a bigger security collection for grub [2]. [1] https://nvd.nist.gov/vuln/detail/CVE-2020-25632 [2] https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html (From OE-Core rev: d61b9588e5691ef390cfc0f03dc6cb0d142f36de) Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>