> -----Original Message----- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of > Laszlo Ersek > Sent: Tuesday, February 26, 2019 7:45 PM > To: Wu, Hao A; edk2-devel@lists.01.org > Cc: Zeng, Star > Subject: Re: [edk2] [PATCH v2 0/2] MdeModulePkg: Resolve buffer cross > boundary access in Ramdisk > > On 02/26/19 08:45, Hao Wu wrote: > > V2 changes: > > > > Correct CC list information. > > > > > > V1 history: > > > > The series will resolve a buffer cross boundary access issue during the > > use of RAM disks. It is the mitigation for issue CVE-2018-12180. > > > > Cc: Jian J Wang <jian.j.w...@intel.com> > > Cc: Ray Ni <ray...@intel.com> > > Cc: Star Zeng <star.z...@intel.com> > > > > Hao Wu (2): > > MdeModulePkg/PartitionDxe: Ensure blocksize can hold MBR (CVE FIX) > > MdeModulePkg/RamDiskDxe: Ramdisk size be multiple of BlkSize (CVE > FIX) > > > > MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.h | 6 +++--- > > MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 9 ++++++++- > > MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c | 9 ++++++++- > > MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskBlockIo.c | 20 > ++++++++++++++------ > > MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskProtocol.c | 5 +++-- > > 5 files changed, 36 insertions(+), 13 deletions(-) > > > > Please put the exact CVE numbers in the subject lines.
Thanks. V3 series proposed. Best Regards, Hao Wu > > Thanks > Laszlo > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel