From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id AB0D3D8024B for ; Thu, 11 Jan 2024 05:15:32 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=iUVv0SQuUz3/HpeH96uNJvG3A0dNiQNPWr46Lx/fZVo=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1704950131; v=1; b=NkwWu9LqoKw+gWmbmkoktCCDoLjMlAngSIxNYdrw3p2uITvlYP2d/M9Ywz7OQsyTvhottZ7T bkOxcn0giWi5WONiXWu2WSu0EaoQzYBG1qV+Dp+bPDxEEUFGI9OIIs0N+1O9HteaNMC72mc5L08 svHeQSqm7ItyCjddf8riM4sc= X-Received: by 127.0.0.2 with SMTP id 655sYY7687511xEpgwA3EI8O; Wed, 10 Jan 2024 21:15:31 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.8]) by mx.groups.io with SMTP id smtpd.web10.5391.1704950130183224811 for ; Wed, 10 Jan 2024 21:15:30 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="12229101" X-IronPort-AV: E=Sophos;i="6.04,185,1695711600"; d="scan'208";a="12229101" X-Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmvoesa102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2024 21:15:29 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="955624780" X-IronPort-AV: E=Sophos;i="6.04,185,1695711600"; d="scan'208";a="955624780" X-Received: from gguo-desk.gar.corp.intel.com ([10.225.76.26]) by orsmga005.jf.intel.com with ESMTP; 10 Jan 2024 21:15:28 -0800 From: "Guo, Gua" To: devel@edk2.groups.io Cc: gua.guo@intel.com Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() Date: Thu, 11 Jan 2024 13:15:17 +0800 Message-Id: <20240111051521.1366-1-gua.guo@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,gua.guo@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: RekQGk98YYH6tjFNkI7OYiGWx7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=NkwWu9Lq; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) From: Gua Guo Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113576): https://edk2.groups.io/g/devel/message/113576 Mute This Topic: https://groups.io/mt/103657270/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-