audk/NetworkPkg
Doug Flick fac297724e NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Patch
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4540

Bug Details:
PixieFail Bug #7
CVE-2023-45235
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
CWE-119 Improper Restriction of Operations within the Bounds of
 a Memory Buffer

Buffer overflow when handling Server ID option from a DHCPv6 proxy
Advertise message

Change Overview:

Performs two checks

1. Checks that the length of the duid is accurate
> + //
> + // Check that the minimum and maximum requirements are met
> + //
> + if ((OpLen < PXEBC_MIN_SIZE_OF_DUID) ||
(OpLen > PXEBC_MAX_SIZE_OF_DUID)) {
> +  Status = EFI_INVALID_PARAMETER;
> +  goto ON_ERROR;
> + }
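
Review bot: The comment above the `OpLen` range test says only "minimum and maximum requirements" and does not say what is being bounded or where the two limits come from. Suggest naming the DUID explicitly and stating what PXEBC_MIN_SIZE_OF_DUID and PXEBC_MAX_SIZE_OF_DUID are derived from, so a reader can verify the constants against the destination buffer without leaving the function.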

2. Ensures that the amount of data written to the buffer is tracked and
never exceeds that
> + //
> + // Check that the option length is valid.
> + //
> + if ((DiscoverLen + OpLen + PXEBC_COMBINED_SIZE_OF_OPT_CODE_AND_LEN)
 > DiscoverLenNeeded) {
> +     Status = EFI_OUT_OF_RESOURCES;
> +     goto ON_ERROR;
> + }
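
Review bot: The failure path of the `> DiscoverLenNeeded` comparison sets EFI_OUT_OF_RESOURCES, while the comment above it describes the test as "Check that the option length is valid" and the DUID range check rejects a bad length with EFI_INVALID_PARAMETER. Either return the same status for both length rejections, or reword the comment to say that this test guards the space remaining in the Discover buffer (DiscoverLen plus the option and its code/length header against DiscoverLenNeeded), so the choice of status code is explained.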

Additional code clean up and fix for memory leak in case Option was NULL

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
2024-02-06 19:24:26 +00:00
Application/VConfig NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
ArpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Dhcp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Dhcp6Dxe NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests 2024-02-06 19:24:26 +00:00
DnsDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
DpcDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
HttpBootDxe NetworkPkg: Increase HTTP buffer size and enable TCP window scaling 2023-09-08 20:49:49 +00:00
HttpDxe NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event 2024-01-10 03:19:31 +00:00
HttpUtilitiesDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
IScsiDxe NetworkPkg: Update code to be more C11 compliant by using __func__ 2023-04-10 14:19:57 +00:00
Include NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event 2024-01-10 03:19:31 +00:00
Ip4Dxe NetworkPkg/Ip4Dxe: Fix Reset To Default 2024-01-19 03:30:22 +00:00
Ip6Dxe NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests 2024-02-06 19:24:26 +00:00
Library NetworkPkg: Fix conditionally uninitialized variables 2023-04-03 15:29:08 +00:00
MnpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Mtftp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Mtftp6Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
SnpDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
TcpDxe NetworkPkg: RFC1323 definition changed to RFC7323 2024-01-16 01:17:34 +00:00
Test NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Unit Tests 2024-02-06 19:24:26 +00:00
TlsAuthConfigDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
TlsDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Udp4Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
Udp6Dxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
UefiPxeBcDxe NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Patch 2024-02-06 19:24:26 +00:00
VlanConfigDxe NetworkPkg: Apply uncrustify changes 2021-12-07 17:24:28 +00:00
WifiConnectionManagerDxe NetworkPkg: Triger regularly scan only if not connect to AP 2024-01-15 03:49:30 +00:00
Network.dsc.inc NetworkPkg: Add LoongArch64 architecture. 2022-10-14 02:16:33 +00:00
Network.fdf.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkBuildOptions.dsc.inc NetworkPkg: Remove RVCT support 2022-05-13 14:58:54 +00:00
NetworkComponents.dsc.inc NetworkPkg: Add NETWORK_HTTP_ENABLE macro 2020-12-03 17:08:11 +00:00
NetworkDefines.dsc.inc NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro 2021-06-30 19:20:41 +00:00
NetworkLibs.dsc.inc NetworkPkg: Add Http IO Helper Library to NetworkPkg 2020-12-04 11:45:07 +00:00
NetworkPcds.dsc.inc NetworkPkg: Add DSC/FDF include segment files to NetworkPkg. 2019-05-08 16:10:39 +08:00
NetworkPkg.ci.yaml NetworkPkg: : Add Unit tests to CI and create Host Test DSC 2024-02-06 19:24:26 +00:00
NetworkPkg.dec NetworkPkg: Add WiFi profile sync protocol support 2023-01-10 21:31:29 +00:00
NetworkPkg.dsc MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg 2023-09-08 09:48:55 +00:00
NetworkPkg.uni NetworkPkg: Add PCDs for HTTP DNS RetryCount and RetryInterval 2022-04-11 15:12:46 +00:00
NetworkPkgExtra.uni NetworkPkg: Replace BSD License with BSD+Patent License 2019-04-09 10:58:15 -07:00