## @file # Security Fixes for SecurityPkg # # Copyright (c) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent ## CVE_2023_45229: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests" cve: CVE-2023-45229 date_reported: 2023-08-28 13:56 UTC description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message" note: files_impacted: - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4534 - https://nvd.nist.gov/vuln/detail/CVE-2023-45229 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45230: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests" cve: CVE-2023-45230 date_reported: 2023-08-28 13:56 UTC description: "Bug 02 - edk2/NetworkPkg: Buffer overflow in the DHCPv6 client via a long Server ID option" note: files_impacted: - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4535 - https://nvd.nist.gov/vuln/detail/CVE-2023-45230 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45231: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests" cve: CVE-2023-45231 date_reported: 2023-08-28 13:56 UTC description: "Bug 03 - edk2/NetworkPkg: Out-of-bounds read when handling a ND Redirect message with truncated options" note: files_impacted: - NetworkPkg/Ip6Dxe/Ip6Option.c links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4536 - https://nvd.nist.gov/vuln/detail/CVE-2023-45231 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45232: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests" cve: CVE-2023-45232 date_reported: 2023-08-28 13:56 UTC description: "Bug 04 - edk2/NetworkPkg: Infinite loop when parsing unknown options in the Destination Options header" note: files_impacted: - NetworkPkg/Ip6Dxe/Ip6Option.c - NetworkPkg/Ip6Dxe/Ip6Option.h links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4537 - https://nvd.nist.gov/vuln/detail/CVE-2023-45232 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45233: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests" cve: CVE-2023-45233 date_reported: 2023-08-28 13:56 UTC description: "Bug 05 - edk2/NetworkPkg: Infinite loop when parsing a PadN option in the Destination Options header " note: This was fixed along with CVE-2023-45233 files_impacted: - NetworkPkg/Ip6Dxe/Ip6Option.c - NetworkPkg/Ip6Dxe/Ip6Option.h links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4538 - https://nvd.nist.gov/vuln/detail/CVE-2023-45233 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45234: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Unit Tests" cve: CVE-2023-45234 date_reported: 2023-08-28 13:56 UTC description: "Bug 06 - edk2/NetworkPkg: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message" note: files_impacted: - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4539 - https://nvd.nist.gov/vuln/detail/CVE-2023-45234 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html CVE_2023_45235: commit_titles: - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Patch" - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Unit Tests" cve: CVE-2023-45235 date_reported: 2023-08-28 13:56 UTC description: "Bug 07 - edk2/NetworkPkg: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message" note: files_impacted: - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h links: - https://bugzilla.tianocore.org/show_bug.cgi?id=4540 - https://nvd.nist.gov/vuln/detail/CVE-2023-45235 - http://www.openwall.com/lists/oss-security/2024/01/16/2 - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html