mirror of
https://github.com/acidanthera/audk.git
synced 2025-07-23 21:54:27 +02:00
SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
This creates / adds a security file that tracks the security fixes found in this package and can be used to find the fixes that were applied. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
parent
4776a1b39e
commit
1ddcb9fc6b
22
SecurityPkg/SecurityFixes.yaml
Normal file
22
SecurityPkg/SecurityFixes.yaml
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
## @file
|
||||||
|
# Security Fixes for SecurityPkg
|
||||||
|
#
|
||||||
|
# Copyright (c) Microsoft Corporation
|
||||||
|
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||||
|
##
|
||||||
|
CVE_2022_36763:
|
||||||
|
commit_titles:
|
||||||
|
- "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
- "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763"
|
||||||
|
- "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml"
|
||||||
|
cve: CVE-2022-36763
|
||||||
|
date_reported: 2022-10-25 11:31 UTC
|
||||||
|
description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable()
|
||||||
|
note: This patch is related to and supersedes TCBZ2168
|
||||||
|
files_impacted:
|
||||||
|
- Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
|
||||||
|
- Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
|
||||||
|
links:
|
||||||
|
- https://bugzilla.tianocore.org/show_bug.cgi?id=4117
|
||||||
|
- https://bugzilla.tianocore.org/show_bug.cgi?id=2168
|
||||||
|
- https://bugzilla.tianocore.org/show_bug.cgi?id=1990
|
Loading…
x
Reference in New Issue
Block a user