tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/NetworkPkg
History
Doug Flick via groups.io f31453e8d6 NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4535

Bug Details:
PixieFail Bug #2
CVE-2023-45230
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
CWE-119 Improper Restriction of Operations within the Bounds
 of a Memory Buffer

Changes Overview:
> -UINT8 *
> +EFI_STATUS
>  Dhcp6AppendOption (
> -  IN OUT UINT8   *Buf,
> -  IN     UINT16  OptType,
> -  IN     UINT16  OptLen,
> -  IN     UINT8   *Data
> +  IN OUT EFI_DHCP6_PACKET  *Packet,
> +  IN OUT UINT8             **PacketCursor,
> +  IN     UINT16            OptType,
> +  IN     UINT16            OptLen,
> +  IN     UINT8             *Data
>    );

Dhcp6AppendOption() and variants can return errors now.  All callsites
are adapted accordingly.

It gets passed in EFI_DHCP6_PACKET as additional parameter ...

> +  //
> +  // Verify the PacketCursor is within the packet
> +  //
> +  if (  (*PacketCursor < Packet->Dhcp6.Option)
> +     || (*PacketCursor >= Packet->Dhcp6.Option +
 (Packet->Size - sizeof (EFI_DHCP6_HEADER))))
> +  {
> +    return EFI_INVALID_PARAMETER;
> +  }

... so it can look at Packet->Size when checking buffer space.
Also to allow Packet->Length updates.

Lots of checks added.

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
 		2024-02-06 19:24:26 +00:00
..
Application/VConfig NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
ArpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Dhcp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Dhcp6Dxe NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch 2024-02-06 19:24:26 +00:00
DnsDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
DpcDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
HttpBootDxe NetworkPkg: Increase HTTP buffer size and enable TCP window scaling 2023-09-08 20:49:49 +00:00
HttpDxe NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event 2024-01-10 03:19:31 +00:00
HttpUtilitiesDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
IScsiDxe NetworkPkg: Update code to be more C11 compliant by using __func__ 2023-04-10 14:19:57 +00:00
Include NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event 2024-01-10 03:19:31 +00:00
Ip4Dxe NetworkPkg/Ip4Dxe: Fix Reset To Default 2024-01-19 03:30:22 +00:00
Ip6Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Library NetworkPkg: Fix conditionally uninitialized variables 2023-04-03 15:29:08 +00:00
MnpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Mtftp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Mtftp6Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
SnpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
TcpDxe NetworkPkg: RFC1323 definition changed to RFC7323 2024-01-16 01:17:34 +00:00
TlsAuthConfigDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
TlsDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Udp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Udp6Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
UefiPxeBcDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
VlanConfigDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
WifiConnectionManagerDxe NetworkPkg: Triger regularly scan only if not connect to AP 2024-01-15 03:49:30 +00:00
Network.dsc.inc NetworkPkg: Add LoongArch64 architecture. 2022-10-14 02:16:33 +00:00
Network.fdf.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkBuildOptions.dsc.inc NetworkPkg: Remove RVCT support 2022-05-13 14:58:54 +00:00
NetworkComponents.dsc.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkDefines.dsc.inc NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro 2021-06-30 19:20:41 +00:00
NetworkLibs.dsc.inc NetworkPkg: Add Http IO Helper Library to NetworkPkg 2020-12-04 11:45:07 +00:00
NetworkPcds.dsc.inc
NetworkPkg.ci.yaml NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkPkg.dec NetworkPkg: Add WiFi profile sync protocol support 2023-01-10 21:31:29 +00:00
NetworkPkg.dsc MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg 2023-09-08 09:48:55 +00:00
NetworkPkg.uni NetworkPkg: Add PCDs for HTTP DNS RetryCount and RetryInterval 2022-04-11 15:12:46 +00:00
NetworkPkgExtra.uni