代码拉取完成,页面将自动刷新
From 02c99cab3ac4b61a9e274e1db7802a06e772abaf Mon Sep 17 00:00:00 2001
From: "Douglas Flick [MSFT]" <[email protected]>
Date: Fri, 12 Jan 2024 02:16:06 +0800
Subject: [PATCH 06/10] SecurityPkg: : Adding CVE 2022-36764 to
SecurityFixes.yaml
This creates / adds a security file that tracks the security fixes
found in this package and can be used to find the fixes that were
applied.
Cc: Jiewen Yao <[email protected]>
Signed-off-by: Doug Flick [MSFT] <[email protected]>
Reviewed-by: Jiewen Yao <[email protected]>
reference: https://github.com/tianocore/edk2/pull/5264
Signed-off-by: yexiao <[email protected]>
---
SecurityPkg/SecurityFixes.yaml | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/SecurityPkg/SecurityFixes.yaml b/SecurityPkg/SecurityFixes.yaml
index 36ac267e..ceaaa256 100644
--- a/SecurityPkg/SecurityFixes.yaml
+++ b/SecurityPkg/SecurityFixes.yaml
@@ -20,3 +20,17 @@ CVE_2022_36763:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4117
- https://bugzilla.tianocore.org/show_bug.cgi?id=2168
- https://bugzilla.tianocore.org/show_bug.cgi?id=1990
+CVE_2022_36764:
+ commit_titles:
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
+ - "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
+ cve: CVE-2022-36764
+ date_reported: 2022-10-25 12:23 UTC
+ description: Heap Buffer Overflow in Tcg2MeasurePeImage()
+ note:
+ files_impacted:
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
+ links:
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4118
--
2.33.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。