Javier Martinez Canillas 3e8e4c0549 acpi: Don't register the acpi command when locked down ...

The command is not allowed when lockdown is enforced. Otherwise an
attacker can instruct the GRUB to load an SSDT table to overwrite
the kernel lockdown configuration and later load and execute
unsigned code.

Fixes: CVE-2020-14372

Reported-by: Máté Kukri <km@mkukri.xyz>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2021-03-02 15:54:15 +01:00

..

man

Implement syslinux parser.

2013-12-18 05:28:05 +01:00

autoiso.cfg

* docs/autoiso.cfg: New file.

2013-10-27 20:34:24 +01:00

fdl.texi

2008-03-01 Yoshinori K. Okuji <okuji@enbug.org>

2008-03-01 17:27:51 +00:00

font_char_metrics.png

GRUB developper manual based on existing Internals section and

2011-04-03 15:30:28 +02:00

font_char_metrics.txt

GRUB developper manual based on existing Internals section and

2011-04-03 15:30:28 +02:00

grub-dev.texi

kern: Add lockdown support

2021-03-02 15:54:15 +01:00

grub.cfg

* docs/grub.cfg: Update.

2012-05-04 00:30:15 +02:00

grub.texi

acpi: Don't register the acpi command when locked down

2021-03-02 15:54:15 +01:00

Makefile.am

Fix make dist.

2012-02-28 12:58:57 +01:00

mdate-sh

2008-03-01 Yoshinori K. Okuji <okuji@enbug.org>

2008-03-01 17:27:51 +00:00

osdetect.cfg

* docs/osdetect.cfg: Add isolinux config to detected OSes.

2013-12-18 05:34:17 +01:00

texinfo.tex

remove all trailing whitespace

2009-06-10 21:04:23 +00:00