[edk2-devel] [PATCH 0/3] SecurityPkg/DxeImageVerificationLib: catch alignment overflow (CVE-2019-14562)
Laszlo Ersek
lersek at redhat.com
Tue Sep 1 09:12:18 UTC 2020
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Repo: https://pagure.io/lersek/edk2.git
Branch: tianocore_2215
I'm neutral on whether this becomes part of edk2-stable202008.
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Min Xu <min.m.xu at intel.com>
Cc: Wenyi Xie <xiewenyi2 at huawei.com>
Thanks,
Laszlo
Laszlo Ersek (3):
SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd,
SecDataDirLeft
SecurityPkg/DxeImageVerificationLib: assign WinCertificate after size
check
SecurityPkg/DxeImageVerificationLib: catch alignment overflow
(CVE-2019-14562)
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
--
2.19.1.3.g30247aa5d201
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#64882): https://edk2.groups.io/g/devel/message/64882
Mute This Topic: https://groups.io/mt/76552538/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list