mirror of
https://git.yoctoproject.org/poky
synced 2026-03-10 01:09:40 +01:00
e8a9aac72d
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. References: https://nvd.nist.gov/vuln/detail/CVE-2022-36765 Upstream-patches:59f024c76eaeaee8944f9a75b030cf(From OE-Core rev: 260fc2182e6a83d7c93b2e8efd95255cd9168a79) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>