riscv-gnu-toolchain/qemu/roms/edk2.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Doug Flick <dougflick@microsoft.com>	2024-01-26 05:54:48 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-06 19:24:26 +0000
commit	bbfee34f4188ac00371abe1389ae9c9fb989a0cd (patch)
tree	c1566475cc1910310278edeffeafec4617cbed60 /NetworkPkg/ArpDxe
parent	07362769ab7a7d74dbea1c7a7a3662c7b5d1f097 (diff)
download	edk2-bbfee34f4188ac00371abe1389ae9c9fb989a0cd.zip edk2-bbfee34f4188ac00371abe1389ae9c9fb989a0cd.tar.gz edk2-bbfee34f4188ac00371abe1389ae9c9fb989a0cd.tar.bz2

NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536 Bug Overview: PixieFail Bug #3 CVE-2023-45231 CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CWE-125 Out-of-bounds Read Out-of-bounds read when handling a ND Redirect message with truncated options Change Overview: Adds a check to prevent truncated options from being parsed + // + // Cannot process truncated options. + // Cannot process options with a length of 0 as there is no Type field. + // + if (OptionLen < sizeof (IP6_OPTION_HEADER)) { + return FALSE; + } Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>

Diffstat (limited to 'NetworkPkg/ArpDxe')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: