sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
1c440a5eceedc64e892877eeac0f1a4938f5abbb
system76-edk2/NetworkPkg
History
Doug Flick 1c440a5ece NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4673
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4534

This was not part of the Quarkslab bugs however the same pattern
as CVE-2023-45229 exists in Dhcp6UpdateIaInfo.

This patch replaces the code in question with the safe function
created to patch CVE-2023-45229

>
>   if (EFI_ERROR (
>        Dhcp6SeekInnerOptionSafe (
>          Instance->Config->IaDescriptor.Type,
>          Option,
>          OptionLen,
>          &IaInnerOpt,
>          &IaInnerLen
>          )
>        ))
>  {
>    return EFI_DEVICE_ERROR;
>  }
>

Additionally corrects incorrect usage of macro to read the status

> - StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)DHCP6_OFFSET_OF_OPT_LEN
 (Option)));
> + StsCode = NTOHS (ReadUnaligned16 ((UINT16 *)
DHCP6_OFFSET_OF_STATUS_CODE (Option));

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
2024-02-14 03:28:11 +00:00
..
Application/VConfig
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
ArpDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Dhcp4Dxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Dhcp6Dxe
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch
2024-02-14 03:28:11 +00:00
DnsDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
DpcDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
HttpBootDxe
NetworkPkg: Increase HTTP buffer size and enable TCP window scaling
2023-09-08 20:49:49 +00:00
HttpDxe
NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event
2024-01-10 03:19:31 +00:00
HttpUtilitiesDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Include
NetworkPkg/HttpDxe: Add HttpEventTlsConfigured HTTP callback event
2024-01-10 03:19:31 +00:00
Ip4Dxe
NetworkPkg/Ip4Dxe: Fix Reset To Default
2024-01-19 03:30:22 +00:00
Ip6Dxe
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests
2024-02-06 19:24:26 +00:00
IScsiDxe
NetworkPkg: Update code to be more C11 compliant by using __func__
2023-04-10 14:19:57 +00:00
Library
NetworkPkg: Fix conditionally uninitialized variables
2023-04-03 15:29:08 +00:00
MnpDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Mtftp4Dxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Mtftp6Dxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
SnpDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
TcpDxe
NetworkPkg: RFC1323 definition changed to RFC7323
2024-01-16 01:17:34 +00:00
Test
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Unit Tests
2024-02-06 19:24:26 +00:00
TlsAuthConfigDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
TlsDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Udp4Dxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
Udp6Dxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
UefiPxeBcDxe
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45235 Unit Tests
2024-02-06 19:24:26 +00:00
VlanConfigDxe
NetworkPkg: Apply uncrustify changes
2021-12-07 17:24:28 +00:00
WifiConnectionManagerDxe
NetworkPkg: Triger regularly scan only if not connect to AP
2024-01-15 03:49:30 +00:00
Network.dsc.inc
NetworkPkg: Add LoongArch64 architecture.
2022-10-14 02:16:33 +00:00
Network.fdf.inc
NetworkPkg: Add NETWORK_HTTP_ENABLE macro
2020-12-03 17:08:11 +00:00
NetworkBuildOptions.dsc.inc
NetworkPkg: Remove RVCT support
2022-05-13 14:58:54 +00:00
NetworkComponents.dsc.inc
NetworkPkg: Add NETWORK_HTTP_ENABLE macro
2020-12-03 17:08:11 +00:00
NetworkDefines.dsc.inc
NetworkPkg: introduce the NETWORK_ISCSI_MD5_ENABLE feature test macro
2021-06-30 19:20:41 +00:00
NetworkLibs.dsc.inc
NetworkPkg: Add Http IO Helper Library to NetworkPkg
2020-12-04 11:45:07 +00:00
NetworkPcds.dsc.inc
NetworkPkg: Add DSC/FDF include segment files to NetworkPkg.
2019-05-08 16:10:39 +08:00
NetworkPkg.ci.yaml
NetworkPkg: : Add Unit tests to CI and create Host Test DSC
2024-02-06 19:24:26 +00:00
NetworkPkg.dec
NetworkPkg: Add WiFi profile sync protocol support
2023-01-10 21:31:29 +00:00
NetworkPkg.dsc
MdeModulePkg: Duplicate BaseRngLibTimerLib to MdeModulePkg
2023-09-08 09:48:55 +00:00
NetworkPkg.uni
NetworkPkg: Add PCDs for HTTP DNS RetryCount and RetryInterval
2022-04-11 15:12:46 +00:00
NetworkPkgExtra.uni
NetworkPkg: Replace BSD License with BSD+Patent License
2019-04-09 10:58:15 -07:00
SecurityFixes.yaml
NetworkPkg: : Adds a SecurityFix.yaml file
2024-02-06 19:24:26 +00:00