On Wed Jan 28, 2026 at 6:09 AM CET, Hitendra Prajapati via lists.openembedded.org wrote: > Upstream-Status: Backport from > https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=954c48b9c833d64b74ced1f27701af2ea5c6f55a > && > https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=patch;h=10e58a14db20e17d1b6a39abe38df01fef98e29d
Thanks for the patch. But the commit message needs improvement: Please add a justification as to why you think this particular patch fixes this CVE: Cited in the NVD report? upstream? another source? Also, this "Upstream-Status:" line is only useful in patches, you can remove it from the commit message. > Signed-off-by: Hitendra Prajapati <[email protected]> > --- > .../grub/files/CVE-2025-54770-01.patch | 138 ++++++++++++++++++ > .../grub/files/CVE-2025-54770-02.patch | 39 +++++ > meta/recipes-bsp/grub/grub2.inc | 2 + > 3 files changed, 179 insertions(+) > create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-54770-01.patch > create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-54770-02.patch > > diff --git a/meta/recipes-bsp/grub/files/CVE-2025-54770-01.patch > b/meta/recipes-bsp/grub/files/CVE-2025-54770-01.patch > new file mode 100644 > index 0000000000..ea749fc8f6 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/CVE-2025-54770-01.patch > @@ -0,0 +1,138 @@ > +From 954c48b9c833d64b74ced1f27701af2ea5c6f55a Mon Sep 17 00:00:00 2001 > +From: Chad Kimes <[email protected]> > +Date: Mon, 21 Mar 2022 17:29:16 -0400 > +Subject: [PATCH] net/net: Add net_set_vlan command > + > +Previously there was no way to set the 802.1Q VLAN identifier, despite > +support for vlantag in the net module. The only location vlantag was > +being populated was from PXE boot and only for Open Firmware hardware. > +This commit allows users to manually configure VLAN information for any > +interface. > + > +Example usage: > + grub> net_ls_addr > + efinet1 00:11:22:33:44:55 192.0.2.100 > + grub> net_set_vlan efinet1 100 > + grub> net_ls_addr > + efinet1 00:11:22:33:44:55 192.0.2.100 vlan100 > + grub> net_set_vlan efinet1 0 > + efinet1 00:11:22:33:44:55 192.0.2.100 > + > +Signed-off-by: Chad Kimes <[email protected]> > +Reviewed-by: Daniel Kiper <[email protected]> > + > +CVE: CVE-2025-54770 > +Upstream-Status: Backport > [https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=954c48b9c833d64b74ced1f27701af2ea5c6f55a] > +Signed-off-by: Hitendra Prajapati <[email protected]> > +--- > + docs/grub.texi | 20 ++++++++++++++++++++ > + grub-core/net/net.c | 41 ++++++++++++++++++++++++++++++++++++++++- > + 2 files changed, 60 insertions(+), 1 deletion(-) > + > +diff --git a/docs/grub.texi b/docs/grub.texi > +index f8b4b3b..f7fc6d7 100644 > +--- a/docs/grub.texi > ++++ b/docs/grub.texi > +@@ -5493,6 +5493,7 @@ This command is only available on AArch64 systems. > + * net_ls_dns:: List DNS servers > + * net_ls_routes:: List routing entries > + * net_nslookup:: Perform a DNS lookup > ++* net_set_vlan:: Set vlan id on an interface > + @end menu > + > + > +@@ -5669,6 +5670,25 @@ is given, use default list of servers. > + @end deffn > + > + > ++@node net_set_vlan > ++@subsection net_set_vlan > ++ > ++@deffn Command net_set_vlan @var{interface} @var{vlanid} > ++Set the 802.1Q VLAN identifier on @var{interface} to @var{vlanid}. For > example, > ++to set the VLAN identifier on interface @samp{efinet1} to @samp{100}: > ++ > ++@example > ++net_set_vlan efinet1 100 > ++@end example > ++ > ++The VLAN identifier can be removed by setting it to @samp{0}: > ++ > ++@example > ++net_set_vlan efinet1 0 > ++@end example > ++@end deffn > ++ > ++ > + @node Internationalisation > + @chapter Internationalisation > + > +diff --git a/grub-core/net/net.c b/grub-core/net/net.c > +index ec7f01c..03ede6d 100644 > +--- a/grub-core/net/net.c > ++++ b/grub-core/net/net.c > +@@ -1162,6 +1162,42 @@ grub_cmd_addroute (struct grub_command *cmd > __attribute__ ((unused)), > + } > + } > + > ++static grub_err_t > ++grub_cmd_setvlan (struct grub_command *cmd __attribute__ ((unused)), > ++ int argc, char **args) > ++{ > ++ const char *vlan_string, *vlan_string_end; > ++ unsigned long vlantag; > ++ struct grub_net_network_level_interface *inter; > ++ > ++ if (argc != 2) > ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("two arguments expected")); > ++ > ++ vlan_string = args[1]; > ++ vlantag = grub_strtoul (vlan_string, &vlan_string_end, 10); > ++ > ++ if (*vlan_string == '\0' || *vlan_string_end != '\0') > ++ return grub_error (GRUB_ERR_BAD_NUMBER, > ++ N_("non-numeric or invalid number `%s'"), vlan_string); > ++ > ++ if (vlantag > 4094) > ++ return grub_error (GRUB_ERR_OUT_OF_RANGE, > ++ N_("vlan id `%s' not in the valid range of 0-4094"), > ++ vlan_string); > ++ > ++ FOR_NET_NETWORK_LEVEL_INTERFACES (inter) > ++ { > ++ if (grub_strcmp (inter->name, args[0]) != 0) > ++ continue; > ++ > ++ inter->vlantag = vlantag; > ++ return GRUB_ERR_NONE; > ++ } > ++ > ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, > ++ N_("network interface not found")); > ++} > ++ > + static void > + print_net_address (const grub_net_network_level_netaddress_t *target) > + { > +@@ -1876,7 +1912,7 @@ grub_net_search_config_file (char *config, grub_size_t > config_buf_len) > + static struct grub_preboot *fini_hnd; > + > + static grub_command_t cmd_addaddr, cmd_deladdr, cmd_addroute, cmd_delroute; > +-static grub_command_t cmd_lsroutes, cmd_lscards; > ++static grub_command_t cmd_setvlan, cmd_lsroutes, cmd_lscards; > + static grub_command_t cmd_lsaddr, cmd_slaac; > + > + GRUB_MOD_INIT(net) > +@@ -1914,6 +1950,9 @@ GRUB_MOD_INIT(net) > + cmd_delroute = grub_register_command ("net_del_route", grub_cmd_delroute, > + N_("SHORTNAME"), > + N_("Delete a network route.")); > ++ cmd_setvlan = grub_register_command ("net_set_vlan", grub_cmd_setvlan, > ++ N_("SHORTNAME VLANID"), > ++ N_("Set an interface's vlan id.")); > + cmd_lsroutes = grub_register_command ("net_ls_routes", > grub_cmd_listroutes, > + "", N_("list network routes")); > + cmd_lscards = grub_register_command ("net_ls_cards", grub_cmd_listcards, > +-- > +2.50.1 > + > diff --git a/meta/recipes-bsp/grub/files/CVE-2025-54770-02.patch > b/meta/recipes-bsp/grub/files/CVE-2025-54770-02.patch > new file mode 100644 > index 0000000000..bc56997726 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/CVE-2025-54770-02.patch > @@ -0,0 +1,39 @@ > +From 10e58a14db20e17d1b6a39abe38df01fef98e29d Mon Sep 17 00:00:00 2001 > +From: Thomas Frauendorfer | Miray Software <[email protected]> > +Date: Fri, 9 May 2025 14:20:47 +0200 > +Subject: [PATCH] net/net: Unregister net_set_vlan command on unload > + > +The commit 954c48b9c (net/net: Add net_set_vlan command) added command > +net_set_vlan to the net module. Unfortunately the commit only added the > +grub_register_command() call on module load but missed the > +grub_unregister_command() on unload. Let's fix this. > + > +Fixes: CVE-2025-54770 > +Fixes: 954c48b9c (net/net: Add net_set_vlan command) > + > +Reported-by: Thomas Frauendorfer | Miray Software <[email protected]> > +Signed-off-by: Thomas Frauendorfer | Miray Software <[email protected]> > +Reviewed-by: Daniel Kiper <[email protected]> > + > +CVE: CVE-2025-54770 > +Upstream-Status: Backport > [https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=patch;h=10e58a14db20e17d1b6a39abe38df01fef98e29d] > +Signed-off-by: Hitendra Prajapati <[email protected]> > +--- > + grub-core/net/net.c | 1 + > + 1 file changed, 1 insertion(+) > + > +diff --git a/grub-core/net/net.c b/grub-core/net/net.c > +index 03ede6d..e66d192 100644 > +--- a/grub-core/net/net.c > ++++ b/grub-core/net/net.c > +@@ -1980,6 +1980,7 @@ GRUB_MOD_FINI(net) > + grub_unregister_command (cmd_deladdr); > + grub_unregister_command (cmd_addroute); > + grub_unregister_command (cmd_delroute); > ++ grub_unregister_command (cmd_setvlan); > + grub_unregister_command (cmd_lsroutes); > + grub_unregister_command (cmd_lscards); > + grub_unregister_command (cmd_lsaddr); > +-- > +2.50.1 > + > diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc > index 4744e26693..b21afe34f7 100644 > --- a/meta/recipes-bsp/grub/grub2.inc > +++ b/meta/recipes-bsp/grub/grub2.inc > @@ -63,6 +63,8 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ > file://CVE-2025-61661.patch \ > file://CVE-2025-61662.patch \ > file://CVE-2025-61663_61664.patch \ > + file://CVE-2025-54770-01.patch \ > + file://CVE-2025-54770-02.patch \ > " > > SRC_URI[sha256sum] = > "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231669): https://lists.openembedded.org/g/openembedded-core/message/231669 Mute This Topic: https://lists.openembedded.org/mt/117503510/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
