From 66764598e44c4b742329dc1f5e61397bb6eaead2 Mon Sep 17 00:00:00 2001
From: Qiumiao Zhang <zhangqiumiao1@huawei.com>
Date: Tue, 8 Apr 2025 02:10:51 +0000
Subject: [PATCH] fix CVE-2024-56738

Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
---
 backport-fix-CVE-2024-56738.patch | 42 +++++++++++++++++++++++++++++++
 grub.patches                      |  1 +
 grub2.spec                        |  8 +++++-
 3 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 backport-fix-CVE-2024-56738.patch

diff --git a/backport-fix-CVE-2024-56738.patch b/backport-fix-CVE-2024-56738.patch
new file mode 100644
index 0000000..6ede75f
--- /dev/null
+++ b/backport-fix-CVE-2024-56738.patch
@@ -0,0 +1,42 @@
+From 8b1b47efd667ea3450681fa0c674045980e25360 Mon Sep 17 00:00:00 2001
+From: Jonathan Bar Or <jonathanbaror@gmail.com>
+Date: Mon, 7 Apr 2025 09:36:34 +0000
+Subject: [PATCH] fix CVE-2024-56738
+
+Reference:https://savannah.gnu.org/bugs/?66603
+Conflict:NA
+
+---
+ grub-core/lib/crypto.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
+index d53ddbe..653aab7 100644
+--- a/grub-core/lib/crypto.c
++++ b/grub-core/lib/crypto.c
+@@ -440,16 +440,16 @@ grub_crypto_gcry_error (gcry_err_code_t in)
+ int
+ grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
+ {
+-  register grub_size_t counter = 0;
+-  const grub_uint8_t *pa, *pb;
++  register grub_uint8_t indicator = 0;
++  const grub_uint8_t *pa = a, *pb = b;
++  grub_size_t i;
+ 
+-  for (pa = a, pb = b; n; pa++, pb++, n--)
++  for (i = 0; i < n; i++)
+     {
+-      if (*pa != *pb)
+-	counter++;
++	indicator |= (pa[i] ^ pb[i]);
+     }
+ 
+-  return !!counter;
++  return !!indicator;
+ }
+ 
+ #ifndef GRUB_UTIL
+-- 
+2.33.0
+
diff --git a/grub.patches b/grub.patches
index 0412bd4..5b587d4 100644
--- a/grub.patches
+++ b/grub.patches
@@ -494,3 +494,4 @@ Patch0493: backport-0027-commands-minicmd-Block-the-dump-command-in-lockdown-.pa
 Patch0494: backport-0028-fs-bfs-Disable-under-lockdown.patch
 Patch0495: backport-0029-fs-Disable-many-filesystems-under-lockdown.patch
 Patch0496: backport-0030-fs-Prevent-overflows-when-allocating-memory-for-arra.patch
+Patch0497: backport-fix-CVE-2024-56738.patch
diff --git a/grub2.spec b/grub2.spec
index 30de1e0..fb2b6c9 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -8,7 +8,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.04
-Release:	40
+Release:	41
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@@ -442,6 +442,12 @@ rm -r /boot/grub2.tmp/ || :
 %{_datadir}/man/man*
 
 %changelog
+* Tue Apr 8 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-41
+- Type:CVE
+- CVE:CVE-2024-56738
+- SUG:NA
+- DESC:fix CVE-2024-56738
+
 * Sat Feb 22 2025 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.04-40
 - Type:CVE
 - CVE:CVE-2024-45781,CVE-2024-45782,CVE-2024-56737,CVE-2024-45780,CVE-2024-45783,CVE-2024-49504,CVE-2025-0624,CVE-20
-- 
Gitee