From e0bdb75c67290d6851a4d2509fcfafaf9ef0e696 Mon Sep 17 00:00:00 2001
From: ShenYage
Date: Fri, 28 Feb 2025 16:18:39 +0800
Subject: [PATCH 2/2] NetworkPkg: DxeNetLib: SECURITY PATCH CVE-2023-45237 Relared Patch

This commit is a patch for CVE-2023-45237. Using RngLib to generate a stronger pseudoRandom number for NetRandomInitSeed().

Signed-off-by: ShenYage
---
 NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 18 ++++++++++++------
 NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 1 +
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
index fd4a9e15..d24038e8 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include
 #include
 #include
+#include
 #define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE)
 #define DEFAULT_ZERO_START ((UINTN) ~0)
@@ -902,14 +903,19 @@ NetRandomInitSeed (
 EFI_TIME Time;
 UINT32 Seed;
 UINT64 MonotonicCount;
+ UINT32 RandomVal;
- gRT->GetTime (&Time, NULL);
- Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
- Seed ^= Time.Nanosecond;
- Seed ^= Time.Year << 7;
+ if (GetRandomNumber32(&RandomVal)) {
+ Seed = RandomVal;
+ } else {
+ gRT->GetTime (&Time, NULL);
+ Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
+ Seed ^= Time.Nanosecond;
+ Seed ^= Time.Year << 7;
- gBS->GetNextMonotonicCount (&MonotonicCount);
- Seed += (UINT32)MonotonicCount;
+ gBS->GetNextMonotonicCount (&MonotonicCount);
+ Seed += (UINT32)MonotonicCount;
+ }
 return Seed;
 }
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
index 8145d256..ce90aa5e 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
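Review bot: When `GetRandomNumber32` returns FALSE, the new else branch in NetRandomInitSeed silently drops back to the time-and-monotonic-counter seeding this commit is replacing because of CVE-2023-45237, so on a platform whose RngLib instance cannot supply entropy the function is no stronger than before and nothing records that this happened. At minimum make the fallback visible in debug builds, e.g. `DEBUG ((DEBUG_ERROR, "NetRandomInitSeed: GetRandomNumber32 failed, using time-based seed\n"));` as the first statement of the else branch; whether the fallback should instead assert or report an error is a platform policy decision that should be stated in the function's header comment. The call `GetRandomNumber32(&RandomVal)` also drops the space before the parenthesis that the neighbouring `gRT->GetTime (&Time, NULL)` and `gBS->GetNextMonotonicCount (&MonotonicCount)` calls use. The function's signature and header comment sit above the hunk and presumably still describe the seed as time-derived; they should mention the RngLib source and the fallback.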
@@ -43,6 +43,7 @@
 MemoryAllocationLib
 DevicePathLib
 PrintLib
+ RngLib
 [Guids]
--
2.33.0