tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/NetworkPkg/Dhcp6Dxe/GoogleTest
History
Doug Flick via groups.io 07362769ab NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534

These tests confirm that the report bug...

"Out-of-bounds read when processing IA_NA/IA_TA options in a
DHCPv6 Advertise message"

..has been patched.

The following functions are tested to confirm an out of bounds read is
patched and that the correct statuses are returned:

Dhcp6SeekInnerOptionSafe
Dhcp6SeekStsOption

TCBZ4534
CVE-2023-45229
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-125 Out-of-bounds Read

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
 		2024-02-06 19:24:26 +00:00
..
Dhcp6DxeGoogleTest.cpp
Dhcp6DxeGoogleTest.inf NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests 2024-02-06 19:24:26 +00:00
Dhcp6IoGoogleTest.cpp NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests 2024-02-06 19:24:26 +00:00
Dhcp6IoGoogleTest.h NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests 2024-02-06 19:24:26 +00:00