NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests - edk2 - Cross-platform firmware development environment

diff options

author	Doug Flick via groups.io <dougflick=microsoft.com@groups.io>	2024-01-26 05:54:47 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-06 19:24:26 +0000
commit	07362769ab7a7d74dbea1c7a7a3662c7b5d1f097 (patch)
tree	b31e6e2373056bb93ccb0c9f368402907306ebe9 /BaseTools/Source/Python/FirmwareStorageFormat/SectionHeader.py
parent	1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0 (diff)
download	edk2-07362769ab7a7d74dbea1c7a7a3662c7b5d1f097.tar.gz edk2-07362769ab7a7d74dbea1c7a7a3662c7b5d1f097.tar.bz2 edk2-07362769ab7a7d74dbea1c7a7a3662c7b5d1f097.zip

NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534 These tests confirm that the report bug... "Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message" ..has been patched. The following functions are tested to confirm an out of bounds read is patched and that the correct statuses are returned: Dhcp6SeekInnerOptionSafe Dhcp6SeekStsOption TCBZ4534 CVE-2023-45229 CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CWE-125 Out-of-bounds Read Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>

Diffstat (limited to 'BaseTools/Source/Python/FirmwareStorageFormat/SectionHeader.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: