Skip to content

Commit

Permalink
SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml
Browse files Browse the repository at this point in the history 
This creates / adds a security file that tracks the security fixes
found in this package and can be used to find the fixes that were
applied.

Cc: Jiewen Yao <jiewen.yao@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  • Loading branch information
@mergify
Douglas Flick [MSFT] authored and mergify[bot] committed Jan 16, 2024
1 parent 0d341c0 commit 8f6d343
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions SecurityPkg/SecurityFixes.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,17 @@ CVE_2022_36763:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4117
- https://bugzilla.tianocore.org/show_bug.cgi?id=2168
- https://bugzilla.tianocore.org/show_bug.cgi?id=1990
CVE_2022_36764:
commit_titles:
- "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
cve: CVE-2022-36764
date_reported: 2022-10-25 12:23 UTC
description: Heap Buffer Overflow in Tcg2MeasurePeImage()
note:
files_impacted:
- Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
- Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
links:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4118

0 comments on commit 8f6d343

Please sign in to comment.