Jiaxin, Maciej and Siyuan: I suggest to catch this CVE fix for edk2 Q1 stable tag. Can you help review this patch soon?
Thanks Liming > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Armour, > Nicholas > Sent: Thursday, February 13, 2020 7:54 AM > To: devel@edk2.groups.io > Cc: Armour, Nicholas <nicholas.arm...@intel.com>; Wu, Jiaxin > <jiaxin...@intel.com>; Maciej Rabeda > <maciej.rab...@linux.intel.com>; Fu, Siyuan <siyuan...@intel.com> > Subject: [edk2-devel] [PATCH 1/1] NetworkPkg/ArpDxe: Recycle invalid ARP > packets(CVE-2019-14559). > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2031 > > This patch triggers the RecycleEvent for invalid ARP packets. > Prior to this, we would just ignore invalid ARP packets, > and never free them. > > Cc: Jiaxin Wu <jiaxin...@intel.com> > Cc: Maciej Rabeda <maciej.rab...@linux.intel.com> > Cc: Siyuan Fu <siyuan...@intel.com> > Signed-off-by: Nicholas Armour <nicholas.arm...@intel.com> > --- > NetworkPkg/ArpDxe/ArpImpl.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/NetworkPkg/ArpDxe/ArpImpl.c b/NetworkPkg/ArpDxe/ArpImpl.c > index 9cdb33f2bd66..09fc8811f125 100644 > --- a/NetworkPkg/ArpDxe/ArpImpl.c > +++ b/NetworkPkg/ArpDxe/ArpImpl.c > @@ -125,6 +125,7 @@ ArpOnFrameRcvdDpc ( > Head->OpCode = NTOHS (Head->OpCode); > > if (RxData->DataLength < (sizeof (ARP_HEAD) + 2 * Head->HwAddrLen + 2 * > Head->ProtoAddrLen)) { > + gBS->SignalEvent (RxData->RecycleEvent); > goto RESTART_RECEIVE; > } > > -- > 2.16.2.windows.1 > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#54525): https://edk2.groups.io/g/devel/message/54525 Mute This Topic: https://groups.io/mt/71240876/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
