Google Git
Sign in
fuchsia / third_party / edk2 / 284dbac43da752ee34825c8b3f6f9e8281cb5a19
commit284dbac43da752ee34825c8b3f6f9e8281cb5a19[log] [tgz]
authorShanmugavel Pakkirisamy <shanmugavelx.pakkirisamy@intel.com>Mon May 06 17:53:09 2024 +0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>Fri May 17 05:33:52 2024 +0000
tree9be6f8401fe1dd34f2bf33973e1a65cd22f1d4a9
parent558a25366d66e9ff96784ed3aab476f808531bf3 [diff]
MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4677

Attacker able to modify physical memory and ResumeCount.
System will crash/DoS when ResumeCount reaches its MAX_UINT32.

Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>

Signed-off-by: Pakkirisamy ShanmugavelX <shanmugavelx.pakkirisamy@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
1 file changed
tree: 9be6f8401fe1dd34f2bf33973e1a65cd22f1d4a9
  1. .azurepipelines/
  2. .devcontainer/
  3. .github/
  4. .mergify/
  5. .pytool/
  6. ArmPkg/
  7. ArmPlatformPkg/
  8. ArmVirtPkg/
  9. BaseTools/
  10. Conf/
  11. CryptoPkg/
  12. DynamicTablesPkg/
  13. EmbeddedPkg/
  14. EmulatorPkg/
  15. FatPkg/
  16. FmpDevicePkg/
  17. IntelFsp2Pkg/
  18. IntelFsp2WrapperPkg/
  19. MdeModulePkg/
  20. MdePkg/
  21. NetworkPkg/
  22. OvmfPkg/
  23. PcAtChipsetPkg/
  24. PrmPkg/
  25. RedfishPkg/
  26. SecurityPkg/
  27. ShellPkg/
  28. SignedCapsulePkg/
  29. SourceLevelDebugPkg/
  30. StandaloneMmPkg/
  31. UefiCpuPkg/
  32. UefiPayloadPkg/
  33. UnitTestFrameworkPkg/
  34. .editorconfig
  35. .git-blame-ignore-revs
  36. .gitignore
  37. .gitmodules
  38. .mailmap
  39. CONTRIBUTING.md
  40. edksetup.bat
  41. edksetup.sh
  42. License-History.txt
  43. License.txt
  44. Maintainers.txt
  45. pip-requirements.txt
  46. ReadMe.rst