mirror/edk2.git - mirror/edk2.git

diff options

author	Doug Flick <dougflick@microsoft.com>	2024-01-26 05:54:52 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-06 19:24:26 +0000
commit	1b53515d53d303166b2bbd31e2cc7f16fd0aecd7 (patch)
tree	d7a225dffe09968143c84235101b0d4112fcc1c1 /NetworkPkg/DnsDxe
parent	c9c87f08dd6ace36fa843424522c3558a8374cac (diff)
download	edk2-1b53515d53d303166b2bbd31e2cc7f16fd0aecd7.tar.gz

NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Patch

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539 Bug Details: PixieFail Bug #6 CVE-2023-45234 CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message Change Overview: Introduces a function to cache the Dns Server and perform sanitizing on the incoming DnsServerLen to ensure that the length is valid > + EFI_STATUS > + PxeBcCacheDnsServerAddresses ( > + IN PXEBC_PRIVATE_DATA *Private, > + IN PXEBC_DHCP6_PACKET_CACHE *Cache6 > + ) Additional code cleanup Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>

Diffstat (limited to 'NetworkPkg/DnsDxe')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: