edk2.git - Cross-platform firmware development environment

diff options

author	Doug Flick via groups.io <dougflick=microsoft.com@groups.io>	2024-01-26 05:54:46 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-06 19:24:26 +0000
commit	1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0 (patch)
tree	9d0d33e575c632c893baf71437b3b38ca31489ce /ArmPkg/Include
parent	5f3658197bf29c83b3349b0ab1d99cdb0c3814bc (diff)
download	edk2-1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0.tar.gz edk2-1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0.tar.bz2 edk2-1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0.zip

NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534 Bug Details: PixieFail Bug #1 CVE-2023-45229 CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CWE-125 Out-of-bounds Read Change Overview: Introduce Dhcp6SeekInnerOptionSafe which performs checks before seeking the Inner Option from a DHCP6 Option. > > EFI_STATUS > Dhcp6SeekInnerOptionSafe ( > IN UINT16 IaType, > IN UINT8 *Option, > IN UINT32 OptionLen, > OUT UINT8 **IaInnerOpt, > OUT UINT16 *IaInnerLen > ); > Lots of code cleanup to improve code readability. Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>

Diffstat (limited to 'ArmPkg/Include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: