ovmf: Fix CVE-2022-36765

EDK2 is susceptible to a vulnerability in the CreateHob() function,
allowing a user to trigger a integer overflow to buffer overflow
via a local network. Successful exploitation of this vulnerability
may result in a compromise of confidentiality, integrity, and/or
availability.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-36765

Upstream-patches:
https://github.com/tianocore/edk2/commit/59f024c76ee57c2bec84794536302fc770cd6ec2
https://github.com/tianocore/edk2/commit/aeaee8944f0eaacbf4cdf39279785b9ba4836bb6
https://github.com/tianocore/edk2/commit/9a75b030cf27d2530444e9a2f9f11867f79bf679

(From OE-Core rev: 260fc2182e6a83d7c93b2e8efd95255cd9168a79)

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

1 files changed, 3 insertions, 0 deletions

diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb
index dbfed086e4..1dba709824 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -50,6 +50,9 @@ SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \
            file://CVE-2023-45237-0001.patch \
            file://CVE-2023-45237-0002.patch \
            file://CVE-2023-45236.patch \
+           file://CVE-2022-36765-0001.patch \
+           file://CVE-2022-36765-0002.patch \
+           file://CVE-2022-36765-0003.patch \
            "
 
 PV = "edk2-stable202202"