Thanks Laszlo, I will update the subject to include the CVE number when commit the patch.
> -----Original Message----- > From: Laszlo Ersek [mailto:ler...@redhat.com] > Sent: Tuesday, February 26, 2019 7:17 PM > To: Wu, Jiaxin <jiaxin...@intel.com>; edk2-devel@lists.01.org > Cc: Ye, Ting <ting...@intel.com>; Wang, Fan <fan.w...@intel.com>; Fu, Siyuan > <siyuan...@intel.com> > Subject: Re: [edk2] [PATCH v1] NetworkPkg/DnsDxe: Check the received packet > size before parsing the message. > > On 02/26/19 09:14, Jiaxin Wu wrote: > > Fix CVE-2018-12178 > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=809 > > > > The DNS driver only checks the received packet size against the > > minimum DNS header size in DnsOnPacketReceived(), later it accesses > > the QueryName and QuerySection beyond the header scope, which might > > cause the pointer within DNS driver points to an invalid entry or > > modifies the memory content beyond the header scope. > > > > This patch is to fix above problem. > > > > Cc: Ye Ting <ting...@intel.com> > > Cc: Fu Siyuan <siyuan...@intel.com> > > Cc: Wang Fan <fan.w...@intel.com> > > Contributed-under: TianoCore Contribution Agreement 1.0 > > Signed-off-by: Wu Jiaxin <jiaxin...@intel.com> > > --- > > NetworkPkg/DnsDxe/DnsImpl.c | 77 ++++++++++++++++++++++++++++++++-- > --- > > NetworkPkg/DnsDxe/DnsImpl.h | 2 + > > 2 files changed, 69 insertions(+), 10 deletions(-) > > Please put the precise CVE number in the subject line. > > Laszlo _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
