From: "Saloni Kasbekar"
To: "Douglas Flick [MSFT]", "devel@edk2.groups.io"
CC: "Clark-williams, Zachary"
Subject: Re: [edk2-devel] [PATCH v2 15/15] NetworkPkg: : Adds a SecurityFix.yaml file
Date: Thu, 1 Feb 2024 22:18:19 +0000

Reviewed-by: Saloni Kasbekar

-----Original Message-----
From: Douglas Flick [MSFT]
Sent: Thursday, January 25, 2024 1:55 PM
To: devel@edk2.groups.io
Cc: Douglas Flick [MSFT]; Kasbekar, Saloni; Clark-williams, Zachary
Subject: [PATCH v2 15/15] NetworkPkg: : Adds a SecurityFix.yaml file

This creates / adds a security file that tracks the security fixes found in this package and can be used to find the fixes that were applied.

Cc: Saloni Kasbekar
Cc: Zachary Clark-williams
Signed-off-by: Doug Flick [MSFT]
--- NetworkPkg/SecurityFixes.yaml | 123 ++++++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 NetworkPkg/SecurityFixes.yaml diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml = new file mode 100644 index 000000000000..7e900483fec5 --- /dev/null +++ b/NetworkPkg/SecurityFixes.yaml 
@@ -0,0 +1,123 @@ +## @file+# Security Fixes for SecurityPkg+#+# Copyright (c) Microsoft Corp= oration+# SPDX-License-Identifier: BSD-2-Clause-Patent+##+CVE_2023_45229:+ = commit_titles:+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 = Patch"+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Test= s"+ cve: CVE-2023-45229+ date_reported: 2023-08-28 13:56 UTC+ descriptio= n: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processing IA_NA/IA_T= A options in a DHCPv6 Advertise message"+ note:+ files_impacted:+ - Ne= tworkPkg\Dhcp6Dxe\Dhcp6Io.c+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h+ links:+= - https://bugzilla.tianocore.org/show_bug.cgi?id=3D4534+ - https://n= vd.nist.gov/vuln/detail/CVE-2023-45229+ - http://www.openwall.com/lists/= oss-security/2024/01/16/2+ - http://packetstormsecurity.com/files/176574= /PixieFail-Proof-Of-Concepts.html+ - https://blog.quarkslab.com/pixiefai= l-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html+CVE_202= 3_45230:+ commit_titles:+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2= 023-45230 Patch"+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230= Unit Tests"+ cve: CVE-2023-45230+ date_reported: 2023-08-28 13:56 UTC+ = description: "Bug 02 - edk2/NetworkPkg: Buffer overflow in the DHCPv6 clien= t via a long Server ID option"+ note:+ files_impacted:+ - NetworkPkg\D= hcp6Dxe\Dhcp6Io.c+ - NetworkPkg\Dhcp6Dxe\Dhcp6Impl.h+ links:+ - http= s://bugzilla.tianocore.org/show_bug.cgi?id=3D4535+ - https://nvd.nist.go= v/vuln/detail/CVE-2023-45230+ - http://www.openwall.com/lists/oss-securi= ty/2024/01/16/2+ - http://packetstormsecurity.com/files/176574/PixieFail= -Proof-Of-Concepts.html+ - https://blog.quarkslab.com/pixiefail-nine-vul= nerabilities-in-tianocores-edk-ii-ipv6-network-stack.html+CVE_2023_45231:+ = commit_titles:+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 = Patch"+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45231 Unit Test= s"+ cve: CVE-2023-45231+ date_reported: 2023-08-28 13:56 
UTC+ descriptio= n: "Bug 03 - edk2/NetworkPkg: Out-of-bounds read when handling a ND Redirec= t message with truncated options"+ note:+ files_impacted:+ - NetworkPk= g/Ip6Dxe/Ip6Option.c+ links:+ - https://bugzilla.tianocore.org/show_bug= .cgi?id=3D4536+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45231+ - = http://www.openwall.com/lists/oss-security/2024/01/16/2+ - http://packet= stormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html+ - https= ://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-i= pv6-network-stack.html+CVE_2023_45232:+ commit_titles:+ - "NetworkPkg: = Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"+ - "NetworkPkg: Dhcp6Dxe:= SECURITY PATCH CVE-2023-45232 Unit Tests"+ cve: CVE-2023-45232+ date_rep= orted: 2023-08-28 13:56 UTC+ description: "Bug 04 - edk2/NetworkPkg: Infin= ite loop when parsing unknown options in the Destination Options header"+ = note:+ files_impacted:+ - NetworkPkg/Ip6Dxe/Ip6Option.c+ - NetworkPk= g/Ip6Dxe/Ip6Option.h+ links:+ - https://bugzilla.tianocore.org/show_bug= .cgi?id=3D4537+ - https://nvd.nist.gov/vuln/detail/CVE-2023-45232+ - = http://www.openwall.com/lists/oss-security/2024/01/16/2+ - http://packet= stormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html+ - https= ://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-i= pv6-network-stack.html+CVE_2023_45233:+ commit_titles:+ - "NetworkPkg: = Dhcp6Dxe: SECURITY PATCH CVE-2023-45232 Patch"+ - "NetworkPkg: Dhcp6Dxe:= SECURITY PATCH CVE-2023-45232 Unit Tests"+ cve: CVE-2023-45233+ date_rep= orted: 2023-08-28 13:56 UTC+ description: "Bug 05 - edk2/NetworkPkg: Infin= ite loop when parsing a PadN option in the Destination Options header "+ n= ote: This was fixed along with CVE-2023-45233+ files_impacted:+ - Netwo= rkPkg/Ip6Dxe/Ip6Option.c+ - NetworkPkg/Ip6Dxe/Ip6Option.h+ links:+ -= https://bugzilla.tianocore.org/show_bug.cgi?id=3D4538+ - https://nvd.ni= st.gov/vuln/detail/CVE-2023-45233+ - 
http://www.openwall.com/lists/oss-s= ecurity/2024/01/16/2+ - http://packetstormsecurity.com/files/176574/Pixi= eFail-Proof-Of-Concepts.html+ - https://blog.quarkslab.com/pixiefail-nin= e-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html+CVE_2023_452= 34:+ commit_titles:+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-4= 5234 Patch"+ - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45234 Unit= Tests"+ cve: CVE-2023-45234+ date_reported: 2023-08-28 13:56 UTC+ descr= iption: "Bug 06 - edk2/NetworkPkg: Buffer overflow when processing DNS Serv= ers option in a DHCPv6 Advertise message"+ note:+ files_impacted:+ - N= etworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c+ links:+ - https://bugzilla.tianoco= re.org/show_bug.cgi?id=3D4539+ - https://nvd.nist.gov/vuln/detail/CVE-20= 23-45234+ - http://www.openwall.com/lists/oss-security/2024/01/16/2+ = - http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.h= tml+ - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tian= ocores-edk-ii-ipv6-network-stack.html+CVE_2023_45235:+ commit_titles:+ = - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Patch"+ - "Networ= kPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45235 Unit Tests"+ cve: CVE-2023-4= 5235+ date_reported: 2023-08-28 13:56 UTC+ description: "Bug 07 - edk2/Ne= tworkPkg: Buffer overflow when handling Server ID option from a DHCPv6 prox= y Advertise message"+ note:+ files_impacted:+ - NetworkPkg/UefiPxeBcDx= e/PxeBcDhcp6.c+ - NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.h+ links:+ - ht= tps://bugzilla.tianocore.org/show_bug.cgi?id=3D4540+ - https://nvd.nist.= gov/vuln/detail/CVE-2023-45235+ - http://www.openwall.com/lists/oss-secu= rity/2024/01/16/2+ - http://packetstormsecurity.com/files/176574/PixieFa= il-Proof-Of-Concepts.html+ - https://blog.quarkslab.com/pixiefail-nine-v= ulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html--=20 2.43.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
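
Review bot: In the CVE_2023_45233 entry the note reads "This was fixed along with CVE-2023-45233", which points at the entry itself; since both of that entry's commit_titles name CVE-2023-45232, the note presumably should say CVE-2023-45232. The file header comment says "Security Fixes for SecurityPkg" although the file being created is NetworkPkg/SecurityFixes.yaml. The commit_titles for CVE_2023_45231 through CVE_2023_45235 all carry the "Dhcp6Dxe" prefix while their files_impacted list sources under Ip6Dxe or UefiPxeBcDxe, so the titles should be checked against the commits in this series, otherwise a search of the log by title will not find the fixes the file is meant to track. files_impacted in the first two entries uses backslashes (NetworkPkg\Dhcp6Dxe\Dhcp6Io.c) where the later entries use forward slashes; one separator throughout would keep the paths usable for lookup. The CVE_2023_45233 description also ends with a space before the closing quote.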