Branch: refs/heads/master
  Home:   https://github.com/tianocore/edk2
  Commit: cab1f02565d3b29081dd21afb074f35fdb4e1fd6
      
https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6
  Author: Miki Demeter <miki.deme...@intel.com>
  Date:   2022-11-04 (Fri, 04 Nov 2022)

  Changed paths:
    M MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
    M MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
    M MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
    M MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
    M MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf

  Log Message:
  -----------
  MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578)

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387

Added use of SafeIntLib to validate values are not causing overflows or
underflows in user controlled values when calculating buffer sizes.

Signed-off-by: Miki Demeter <miki.deme...@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kin...@intel.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Reviewed-by: Liming Gao <gaolim...@byosoft.com.cn>




_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits

Reply via email to