ovmf: Fix CVE-2023-45229 · openembedded/openembedded-core@23a87c5

Commit

ovmf: Fix CVE-2023-45229

EDK2's Network Package is susceptible to an out-of-bounds read
vulnerability when processing the IA_NA or IA_TA option in a DHCPv6
Advertise message. This vulnerability can be exploited by an attacker
to gain unauthorized access and potentially lead to a loss of
Confidentiality.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-45229

Upstream-patches:
tianocore/edk2@1dbb10c
tianocore/edk2@0736276
tianocore/edk2@1c440a5
tianocore/edk2@1d0b95f

Signed-off-by: Soumya Sambu <[email protected]>

Loading branch information

SoumyaWind authored and hongxu-jia committed Dec 4, 2024

1 parent dd26902 commit 23a87c5

0 comments on commit `23a87c5`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `23a87c5`

Commit

There are no files selected for viewing

0 comments on commit 23a87c5

0 comments on commit `23a87c5`