From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>, Star Zeng <star.zeng@intel.com>,
Chao Zhang <chao.b.zhang@intel.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Laszlo Ersek <lersek@redhat.com>
Subject: [PATCH v2 0/2][UDK branches][CVE-2017-5753] Additional Bounds Check Bypass issue in SMI handlers
Date: Fri, 16 Nov 2018 12:12:40 +0800 [thread overview]
Message-ID: <20181116041242.37604-1-hao.a.wu@intel.com> (raw)
V2 changes:
Add the missing information in the commit message for patch 1/2.
V1 history:
The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues
within SMI handlers. Moreover, this series focuses on those SMI handlers
that exist on the UDK branches but not on the master branch.
Patch 1/2 will be applied on the below UDK branches:
UDK2017
UDK2015
UDK2014.SP1
Patch 2/2 will be applied on the below UDK branches:
UDK2017
UDK2015
A more detailed explanation of the purpose of the series is under the
'Bounds check bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation
And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Hao Wu (2):
MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass
SecurityPkg/OpalPWSupportLib: [CVE-2017-5753] Fix bounds check bypass
MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.c | 16 +++++++++++++++-
SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportLib.c | 7 ++++++-
2 files changed, 21 insertions(+), 2 deletions(-)
--
2.12.0.windows.1
next reply other threads:[~2018-11-16 4:12 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-16 4:12 Hao Wu [this message]
2018-11-16 4:12 ` [PATCH v2 1/2] MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass Hao Wu
2018-11-16 4:40 ` Zeng, Star
2018-11-21 6:16 ` Gao, Liming
2018-11-21 6:17 ` Wu, Hao A
2018-11-16 4:12 ` [PATCH v2 2/2] SecurityPkg/OpalPWSupportLib: " Hao Wu
2018-11-19 1:20 ` Dong, Eric
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181116041242.37604-1-hao.a.wu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox