ovmf: Fix CVE-2023-45231 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2024-06-28 09:04:54 +0000
committer	Steve Sakoman <steve@sakoman.com>	2024-12-09 07:54:03 -0800
commit	9bd68aeb6678c60833965aa3d5bd31a7cef3d45c (patch)
tree	a754217ee647284dff806168fb0fc62130956371 /scripts/lib
parent	8975a92de5dc34e4fb6a2842acb3482ebe1fbd1c (diff)
download	poky-9bd68aeb6678c60833965aa3d5bd31a7cef3d45c.tar.gz

ovmf: Fix CVE-2023-45231

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. References: https://nvd.nist.gov/vuln/detail/CVE-2023-45231 Upstream-patches: https://github.com/tianocore/edk2/commit/bbfee34f4188ac00371abe1389ae9c9fb989a0cd https://github.com/tianocore/edk2/commit/6f77463d72807ec7f4ed6518c3dac29a1040df9f (From OE-Core rev: bdff14d8e6f4dad7b873442c813672ef0ec6fb01) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: