Bugzilla – Full Text Bug Listing
| Summary: | VUL-0: CVE-2022-36763: ovmf: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Joey Lee <jlee> |
| Status: | IN_PROGRESS --- | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | jlee, meissner, stoyan.manolov |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/390488/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2022-36763:7.0:(AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
Description
SMASH SMASH
2024-01-10 05:26:46 UTC
(In reply to SMASH SMASH from comment #0)
> EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable()
> function, allowing a user to trigger a heap buffer overflow via a local
> network. Successful exploitation of this vulnerability may result in a
> compromise of confidentiality, integrity, and/or availability.
>
> References:
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763
> https://www.cve.org/CVERecord?id=CVE-2022-36763
> https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr

I will backport the patch in the above edk2 bug after it is merged to edk2 mainline.

(In reply to Joey Lee from comment #2)
> (In reply to SMASH SMASH from comment #0)
> > EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable()
> > function, allowing a user to trigger a heap buffer overflow via a local
> > network. Successful exploitation of this vulnerability may result in a
> > compromise of confidentiality, integrity, and/or availability.
> >
> > References:
> > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763
> > https://www.cve.org/CVERecord?id=CVE-2022-36763
> > https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr
>
> I will backport the patch in the above edk2 bug after it is merged to edk2
> mainline.

Those patches have been merged to edk2 mainline. I will backport them.

commit 1ddcb9fc6b4164e882687b031e8beacfcf7df29e [edk2-stable202402]
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
Date: Fri Jan 12 02:16:03 2024 +0800
    SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml

commit 4776a1b39ee08fc45c70c1eab5a0195f325000d3 [edk2-stable202402]
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
Date: Fri Jan 12 02:16:02 2024 +0800
    SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763

commit 224446543206450ddb5830e6abd026d61d3c7f4b [edk2-stable202402]
Author: Douglas Flick [MSFT] <doug.edk2@gmail.com>
Date: Fri Jan 12 02:16:01 2024 +0800
    SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763

commit 264636d8e6983e0f6dc6be2fca9d84ec81315954
Author: Doug Flick <dougflick@microsoft.com>
Date: Wed Jan 17 14:47:22 2024 -0800
    SecurityPkg: : Updating SecurityFixes.yaml after symbol rename

commit 326db0c9072004dea89427ea3a44393a84966f2b
Author: Doug Flick <dougflick@microsoft.com>
Date: Wed Jan 17 14:47:21 2024 -0800
    SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename

commit 40adbb7f628dee79156c679fb0857968b61b7620
Author: Doug Flick <dougflick@microsoft.com>
Date: Wed Jan 17 14:47:20 2024 -0800
    SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename

Backported patches have been submitted to 15-SP6 and are waiting to be merged:

https://build.suse.de/request/show/329676

(In reply to Joey Lee from comment #7)
> Backported patches have been submitted to 15-SP6 and are waiting to be merged:
>
> https://build.suse.de/request/show/329676

Backported patch has been merged to 15-SP6/ovmf

Does this affect older ovmf?