public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v2 0/2][UDK branches][CVE-2017-5753] Additional Bounds Check Bypass issue in SMI handlers
@ 2018-11-16  4:12 Hao Wu
  2018-11-16  4:12 ` [PATCH v2 1/2] MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass Hao Wu
  2018-11-16  4:12 ` [PATCH v2 2/2] SecurityPkg/OpalPWSupportLib: " Hao Wu
  0 siblings, 2 replies; 7+ messages in thread
From: Hao Wu @ 2018-11-16  4:12 UTC (permalink / raw)
  To: edk2-devel; +Cc: Hao Wu, Star Zeng, Chao Zhang, Jiewen Yao, Laszlo Ersek

V2 changes:

Add the missing information in the commit message for patch 1/2.


V1 history:

The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues
within SMI handlers. Moreover, this series focuses on those SMI handlers
that exist on the UDK branches but not on the master branch.

Patch 1/2 will be applied on the below UDK branches:
UDK2017
UDK2015
UDK2014.SP1

Patch 2/2 will be applied on the below UDK branches:
UDK2017
UDK2015

A more detailed explanation of the purpose of the series is under the
'Bounds check bypass mitigation' section of the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation

And the document at:
https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

Cc: Star Zeng <star.zeng@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>

Hao Wu (2):
  MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass
  SecurityPkg/OpalPWSupportLib: [CVE-2017-5753] Fix bounds check bypass

 MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.c  | 16 +++++++++++++++-
 SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportLib.c |  7 ++++++-
 2 files changed, 21 insertions(+), 2 deletions(-)

-- 
2.12.0.windows.1



^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2018-11-21  6:17 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-11-16  4:12 [PATCH v2 0/2][UDK branches][CVE-2017-5753] Additional Bounds Check Bypass issue in SMI handlers Hao Wu
2018-11-16  4:12 ` [PATCH v2 1/2] MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass Hao Wu
2018-11-16  4:40   ` Zeng, Star
2018-11-21  6:16   ` Gao, Liming
2018-11-21  6:17     ` Wu, Hao A
2018-11-16  4:12 ` [PATCH v2 2/2] SecurityPkg/OpalPWSupportLib: " Hao Wu
2018-11-19  1:20   ` Dong, Eric

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox