CC: @Mathews, John and @Zimmer, Vincent Hi @Gerd Hoffmann
My company teammate share me your patch can resolved https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name is your name. If you have any concern, you can also share for me, if you don't have concern please also let me know, before merging it. It's PR https://github.com/tianocore/edk2/pull/5252/ Thanks, Gua -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Guo, Gua Sent: Thursday, January 11, 2024 1:15 PM To: devel@edk2.groups.io Cc: Guo, Gua <gua....@intel.com> Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() From: Gua Guo <gua....@intel.com> Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113593): https://edk2.groups.io/g/devel/message/113593 Mute This Topic: https://groups.io/mt/103657270/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-