The series aims to mitigate the Bounds Check Bypass (CVE-2017-5753) issues within SMI handlers. Moreover, this series focuses on those SMI handlers that exist on the UDK branches but not on the master branch.
Patch 1/2 will be applied on the below UDK branches: UDK2017 UDK2015 UDK2014.SP1 Patch 2/2 will be applied on the below UDK branches: UDK2017 UDK2015 A more detailed explanation of the purpose of the series is under the 'Bounds check bypass mitigation' section of the below link: https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation And the document at: https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf Cc: Star Zeng <[email protected]> Cc: Chao Zhang <[email protected]> Cc: Jiewen Yao <[email protected]> Cc: Laszlo Ersek <[email protected]> Hao Wu (2): MdeModulePkg/SmmCorePerfLib: [CVE-2017-5753] Fix bounds check bypass SecurityPkg/OpalPWSupportLib: [CVE-2017-5753] Fix bounds check bypass MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.c | 16 +++++++++++++++- SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportLib.c | 7 ++++++- 2 files changed, 21 insertions(+), 2 deletions(-) -- 2.12.0.windows.1 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
