edk2/0067-NetworkPkg-DxeNetLib-SECURITY-PATCH-CVE-2023-45237-R.patch
ShenYage 47faa28f95 fix some bugs for CVE-2023-45236、CVE-2023-45237
Signed-off-by: ShenYage <shenyage1@huawei.com>
2025-02-28 22:15:51 +08:00


From e0bdb75c67290d6851a4d2509fcfafaf9ef0e696 Mon Sep 17 00:00:00 2001
From: ShenYage <shenyage1@huawei.com>
Date: Fri, 28 Feb 2025 16:18:39 +0800
Subject: [PATCH 2/2] NetworkPkg: DxeNetLib: SECURITY PATCH CVE-2023-45237
Relared Patch
This commit is a patch for CVE-2023-45237. It uses RngLib to generate a stronger pseudo-random number for NetRandomInitSeed().
Signed-off-by: ShenYage <shenyage1@huawei.com>
---
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 18 ++++++++++++------
NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 1 +
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
index fd4a9e15..d24038e8 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/DevicePathLib.h>
#include <Library/PrintLib.h>
#include <Library/UefiLib.h>
+#include <Library/RngLib.h>
#define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE)
#define DEFAULT_ZERO_START ((UINTN) ~0)
@@ -902,14 +903,19 @@ NetRandomInitSeed (
EFI_TIME Time;
UINT32 Seed;
UINT64 MonotonicCount;
+ UINT32 RandomVal;
- gRT->GetTime (&Time, NULL);
- Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
- Seed ^= Time.Nanosecond;
- Seed ^= Time.Year << 7;
+ if (GetRandomNumber32(&RandomVal)) {
+ Seed = RandomVal;
+ } else {
+ gRT->GetTime (&Time, NULL);
+ Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
+ Seed ^= Time.Nanosecond;
+ Seed ^= Time.Year << 7;
- gBS->GetNextMonotonicCount (&MonotonicCount);
- Seed += (UINT32)MonotonicCount;
+ gBS->GetNextMonotonicCount (&MonotonicCount);
+ Seed += (UINT32)MonotonicCount;
+ }
return Seed;
}
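Review bot: The else branch still builds the seed from GetTime() and the monotonic count whenever `GetRandomNumber32(&RandomVal)` returns FALSE, so on a platform whose RngLib instance cannot deliver random data the seed stays as guessable as it was before the patch, and nothing reports the downgrade. NetRandomInitSeed() returns a bare UINT32, so its callers cannot tell a hardware-derived seed from the fallback; at minimum log the fallback, for example `DEBUG ((DEBUG_WARN, "NetRandomInitSeed: RngLib failed, using time-based seed\n"));` (assuming DebugLib is already available in this file), and consider whether the callers should fail instead of proceeding. The fallback also ignores the status of `gRT->GetTime (&Time, NULL)`, so `Time` may be read uninitialised if that call fails. The opening of the function lies outside this hunk.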
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
index 8145d256..ce90aa5e 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
@@ -43,6 +43,7 @@
MemoryAllocationLib
DevicePathLib
PrintLib
+ RngLib
[Guids]
--
2.33.0