171 lines
7.6 KiB
Diff
171 lines
7.6 KiB
Diff
From 3c1cf95b979cea6b0dee6e107756558a7a71d4ac Mon Sep 17 00:00:00 2001
|
|
From: Jon Maloy <jmaloy@redhat.com>
|
|
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
|
Subject: [PATCH 14/18] NetworkPkg: : Adds a SecurityFix.yaml file
|
|
|
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
|
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
|
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
|
RH-Acked-by: Gerd Hoffmann <None>
|
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
RH-Commit: [14/18] dddbcbe14e38dc1bb03acf4622d6285090c4bb02
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-21853
|
|
CVE: CVE-2022-45235
|
|
Upstream: Merged
|
|
|
|
commit 1d0b95f6457d225c5108302a9da74b4ed7aa5a38
|
|
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
|
Date: Fri Jan 26 05:54:57 2024 +0800
|
|
|
|
NetworkPkg: : Adds a SecurityFix.yaml file
|
|
|
|
This creates / adds a security file that tracks the security fixes
|
|
found in this package and can be used to find the fixes that were
|
|
applied.
|
|
|
|
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
|
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
|
|
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
|
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
|
|
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
---
|
|
NetworkPkg/SecurityFixes.yaml | 123 ++++++++++++++++++++++++++++++++++
|
|
1 file changed, 123 insertions(+)
|
|
create mode 100644 NetworkPkg/SecurityFixes.yaml
|
|
|
|
diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
|
|
new file mode 100644
|
|
index 0000000000..7e900483fe
|
|
--- /dev/null
|
|
+++ b/NetworkPkg/SecurityFixes.yaml
|
|
@@ -0,0 +1,123 @@
|
|
+## @file
|
|
+# Security Fixes for SecurityPkg
|
|
+#
|
|
+# Copyright (c) Microsoft Corporation
|
|
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
+##
|
|
+CVE_2023_45229:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"
|
|
+ cve: CVE-2023-45229
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4534
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45229
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45230:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests"
|
|
+ cve: CVE-2023-45230
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 02 - edk2/NetworkPkg: Buffer overflow in the DHCPv6 client via a long Server ID option"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Io.c
|
|
+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45230
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45231:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests"
|
|
+ cve: CVE-2023-45231
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 03 - edk2/NetworkPkg: Out-of-bounds read when handling a ND Redirect message with truncated options"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4536
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45231
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45232:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
|
+ cve: CVE-2023-45232
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 04 - edk2/NetworkPkg: Infinite loop when parsing unknown options in the Destination Options header"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4537
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45232
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45233:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests"
|
|
+ cve: CVE-2023-45233
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 05 - edk2/NetworkPkg: Infinite loop when parsing a PadN option in the Destination Options header "
|
|
+ note: This was fixed along with CVE-2023-45233
|
|
+ files_impacted:
|
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.c
|
|
+ - NetworkPkg/Ip6Dxe/Ip6Option.h
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4538
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45233
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45234:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Unit Tests"
|
|
+ cve: CVE-2023-45234
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 06 - edk2/NetworkPkg: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45234
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
+CVE_2023_45235:
|
|
+ commit_titles:
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Patch"
|
|
+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Unit Tests"
|
|
+ cve: CVE-2023-45235
|
|
+ date_reported: 2023-08-28 13:56 UTC
|
|
+ description: "Bug 07 - edk2/NetworkPkg: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message"
|
|
+ note:
|
|
+ files_impacted:
|
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
|
+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h
|
|
+ links:
|
|
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4540
|
|
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45235
|
|
+ - http://www.openwall.com/lists/oss-security/2024/01/16/2
|
|
+ - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html
|
|
+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
|
|
--
|
|
2.39.3
|
|
|