From cc8e518d327b7ee851e28060b95a06edfcfc4400 Mon Sep 17 00:00:00 2001
From: ShenYage
Date: Fri, 28 Feb 2025 16:18:39 +0800
Subject: [PATCH 2/2] NetworkPkg: DxeNetLib: SECURITY PATCH CVE-2023-45237 Relared Patch

This commit is a patch for CVE-2023-45237. Using RngLib to generate a stronger pseudoRandom number for NetRandomInitSeed().

Signed-off-by: ShenYage
---
 NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 22 ++++++++++++++--------
 NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 1 +
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
index 2a555a7..f0b5ed8 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include
 #include
 #include
+#include
 
 #define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE)
 #define DEFAULT_ZERO_START ((UINTN) ~0)
@@ -908,14 +909,19 @@ NetRandomInitSeed (
 EFI_TIME Time;
 UINT32 Seed;
 UINT64 MonotonicCount;
-
- gRT->GetTime (&Time, NULL);
- Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
- Seed ^= Time.Nanosecond;
- Seed ^= Time.Year << 7;
-
- gBS->GetNextMonotonicCount (&MonotonicCount);
- Seed += (UINT32) MonotonicCount;
+ UINT32 RandomVal;
+
+ if (GetRandomNumber32(&RandomVal)) {
+ Seed = RandomVal;
+ } else {
+ gRT->GetTime (&Time, NULL);
+ Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
+ Seed ^= Time.Nanosecond;
+ Seed ^= Time.Year << 7;
+
+ gBS->GetNextMonotonicCount (&MonotonicCount);
+ Seed += (UINT32) MonotonicCount;
+ }
 
 return Seed;
 }
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
index 8145d25..ce90aa5 100644
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
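Review bot: When GetRandomNumber32 returns FALSE the new else branch silently reverts to the time-plus-monotonic-counter seed, which is exactly the predictable construction CVE-2023-45237 describes, so a platform whose RngLib instance has no entropy source is back to pre-patch behaviour with nothing in the log to show it. The fallback should at least be visible: add `DEBUG ((DEBUG_WARN, "NetRandomInitSeed: RngLib returned no entropy, falling back to time-based seed\n"));` as the first statement of the else branch (assuming DebugLib is already in scope here, as it is elsewhere in DxeNetLib). Whether the weak fallback should be kept at all, or the failure surfaced to callers, is a policy question for NetRandomInitSeed's users that this hunk does not show. Stylistically, `GetRandomNumber32(&RandomVal)` omits the space before the argument list that the neighbouring `gRT->GetTime (&Time, NULL)` follows, and the RandomVal temporary could be dropped by calling `GetRandomNumber32 (&Seed)` directly. NetRandomInitSeed's signature lies above the hunk; only the body from the declarations to the closing brace is visible.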
@@ -43,6 +43,7 @@ MemoryAllocationLib DevicePathLib PrintLib + RngLib [Guids] -- 2.33.0