Apologies, forgot the debdiff. Now attached. -dann
diff -Nru edk2-2025.02/debian/changelog edk2-2025.02/debian/changelog
--- edk2-2025.02/debian/changelog 2025-05-12 20:18:11.000000000 -0600
+++ edk2-2025.02/debian/changelog 2025-11-08 11:06:17.000000000 -0700
@@ -1,3 +1,15 @@
+edk2 (2025.02-8+deb13u1) trixie; urgency=medium
+
+ * Cherry-pick openssl fix for timing side-channel in ECDSA signature
+ computation, CVE-2024-13176.
+ - d/p/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch
+ * Fix out-of-bounds memory access in NetworkPkg/IScsiDxe, CVE-2024-38805.
+ - d/p/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch
+ * Safe handling of IDT register on SMM entry, CVE-2025-3770.
+ - d/p/0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch
+
+ -- dann frazier <dannf@debian.org> Sat, 08 Nov 2025 11:06:17 -0700
+
edk2 (2025.02-8) unstable; urgency=medium
* ovmf, ovmf-ia32, qemu-efi-aarch64: Uninstall the EFI_MEMORY_ATTRIBUTE
diff -Nru edk2-2025.02/debian/patches/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch edk2-2025.02/debian/patches/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch
--- edk2-2025.02/debian/patches/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch 1969-12-31 17:00:00.000000000 -0700
+++ edk2-2025.02/debian/patches/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch 2025-11-08 11:06:17.000000000 -0700
@@ -0,0 +1,120 @@
+From 63c40a66c5dc287485705d06122d3a6e74a6a203 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz <tomas@openssl.org>
+Date: Wed, 15 Jan 2025 18:27:02 +0100
+Subject: [PATCH] Fix timing side-channel in ECDSA signature computation
+
+There is a timing signal of around 300 nanoseconds when the top word of
+the inverted ECDSA nonce value is zero. This can happen with significant
+probability only for some of the supported elliptic curves. In particular
+the NIST P-521 curve is affected. To be able to measure this leak, the
+attacker process must either be located in the same physical computer or
+must have a very fast network connection with low latency.
+
+Attacks on ECDSA nonce are also known as Minerva attack.
+
+Fixes CVE-2024-13176
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Paul Dale <ppzgs1@gmail.com>
+(Merged from https://github.com/openssl/openssl/pull/26429)
+
+Origin: https://github.com/openssl/openssl/commit/63c40a66c5dc287485705d06122d3a6e74a6a203
+Last-Updated: 2025-05-14
+
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_exp.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_exp.c
+index b876edbfac..af52e2ced6 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_exp.c
++++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_exp.c
+@@ -606,7 +606,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
+ * out by Colin Percival,
+ * http://www.daemonology.net/hyperthreading-considered-harmful/)
+ */
+-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
++int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont)
+ {
+@@ -623,10 +623,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ unsigned int t4 = 0;
+ #endif
+
+- bn_check_top(a);
+- bn_check_top(p);
+- bn_check_top(m);
+-
+ if (!BN_is_odd(m)) {
+ ERR_raise(ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS);
+ return 0;
+@@ -1146,7 +1142,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ goto err;
+ } else
+ #endif
+- if (!BN_from_montgomery(rr, &tmp, mont, ctx))
++ if (!bn_from_mont_fixed_top(rr, &tmp, mont, ctx))
+ goto err;
+ ret = 1;
+ err:
+@@ -1160,6 +1156,19 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ return ret;
+ }
+
++int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
++ const BIGNUM *m, BN_CTX *ctx,
++ BN_MONT_CTX *in_mont)
++{
++ bn_check_top(a);
++ bn_check_top(p);
++ bn_check_top(m);
++ if (!bn_mod_exp_mont_fixed_top(rr, a, p, m, ctx, in_mont))
++ return 0;
++ bn_correct_top(rr);
++ return 1;
++}
++
+ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+ {
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_lib.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_lib.c
+index 19384eba18..3f8d65c1bf 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_lib.c
++++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_lib.c
+@@ -21,6 +21,7 @@
+ #include <openssl/opensslv.h>
+ #include <openssl/param_build.h>
+ #include "crypto/ec.h"
++#include "crypto/bn.h"
+ #include "internal/nelem.h"
+ #include "ec_local.h"
+
+@@ -1265,10 +1266,10 @@ static int ec_field_inverse_mod_ord(const EC_GROUP *group, BIGNUM *r,
+ if (!BN_sub(e, group->order, e))
+ goto err;
+ /*-
+- * Exponent e is public.
+- * No need for scatter-gather or BN_FLG_CONSTTIME.
++ * Although the exponent is public we want the result to be
++ * fixed top.
+ */
+- if (!BN_mod_exp_mont(r, x, e, group->order, ctx, group->mont_data))
++ if (!bn_mod_exp_mont_fixed_top(r, x, e, group->order, ctx, group->mont_data))
+ goto err;
+
+ ret = 1;
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/include/crypto/bn.h b/CryptoPkg/Library/OpensslLib/openssl/include/crypto/bn.h
+index 47d9b44f87..bdee28625c 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/include/crypto/bn.h
++++ b/CryptoPkg/Library/OpensslLib/openssl/include/crypto/bn.h
+@@ -73,6 +73,9 @@ int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
+ */
+ int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
++int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
++ const BIGNUM *m, BN_CTX *ctx,
++ BN_MONT_CTX *in_mont);
+ int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+ int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+--
+2.49.0
+
diff -Nru edk2-2025.02/debian/patches/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch edk2-2025.02/debian/patches/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch
--- edk2-2025.02/debian/patches/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch 1969-12-31 17:00:00.000000000 -0700
+++ edk2-2025.02/debian/patches/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch 2025-11-08 11:06:17.000000000 -0700
@@ -0,0 +1,73 @@
+From b3a2f7ff24e156e8c4d694fffff01e95a048c536 Mon Sep 17 00:00:00 2001
+From: Santhosh Kumar V <santhoshkumarv@ami.com>
+Date: Wed, 7 May 2025 18:53:30 +0530
+Subject: [PATCH] NetworkPkg/IScsiDxe:Fix for out of bound memory access for
+ bz4207 (CVE-2024-38805)
+
+In IScsiBuildKeyValueList, check if we have any data left (Len > 0) before advancing the Data pointer and reducing Len.
+Avoids wrapping Len. Also Used SafeUint32SubSafeUint32Sub call to reduce the Len .
+
+Signed-off-by: santhosh kumar V <santhoshkumarv@ami.com>
+
+Origin: https://github.com/tianocore/edk2/commit/b3a2f7ff24e156e8c4d694fffff01e95a048c536
+Last-Updated: 2025-05-15
+
+diff --git a/NetworkPkg/IScsiDxe/IScsiProto.c b/NetworkPkg/IScsiDxe/IScsiProto.c
+index fb48e6304d..13394dbfc6 100644
+--- a/NetworkPkg/IScsiDxe/IScsiProto.c
++++ b/NetworkPkg/IScsiDxe/IScsiProto.c
+@@ -1880,6 +1880,8 @@ IScsiBuildKeyValueList (
+ {
+ LIST_ENTRY *ListHead;
+ ISCSI_KEY_VALUE_PAIR *KeyValuePair;
++ EFI_STATUS Status;
++ UINT32 Result;
+
+ ListHead = AllocatePool (sizeof (LIST_ENTRY));
+ if (ListHead == NULL) {
+@@ -1903,9 +1905,14 @@ IScsiBuildKeyValueList (
+ Data++;
+ }
+
+- if (*Data == '=') {
++ // Here Len must not be zero.
++ // The value of Len is size of data buffer. Actually, Data is make up of strings.
++ // AuthMethod=None\0TargetAlias=LIO Target\0 TargetPortalGroupTag=1\0
++ // (1) Len == 0, *Data != '=' goto ON_ERROR
++ // (2) *Data == '=', Len != 0 normal case.
++ // (3) *Data == '=', Len == 0, Between Data and Len are mismatch, Len isn't all size of data, as error.
++ if ((Len > 0) && (*Data == '=')) {
+ *Data = '\0';
+-
+ Data++;
+ Len--;
+ } else {
+@@ -1915,10 +1922,22 @@ IScsiBuildKeyValueList (
+
+ KeyValuePair->Value = Data;
+
+- InsertTailList (ListHead, &KeyValuePair->List);
++ Status = SafeUint32Add ((UINT32)AsciiStrLen (KeyValuePair->Value), 1, &Result);
++ if (EFI_ERROR (Status)) {
++ DEBUG ((DEBUG_ERROR, "%a Memory Overflow is Detected.\n", __func__));
++ FreePool (KeyValuePair);
++ goto ON_ERROR;
++ }
+
+- Data += AsciiStrLen (KeyValuePair->Value) + 1;
+- Len -= (UINT32)AsciiStrLen (KeyValuePair->Value) + 1;
++ Status = SafeUint32Sub (Len, Result, &Len);
++ if (EFI_ERROR (Status)) {
++ DEBUG ((DEBUG_ERROR, "%a Out of bound memory access Detected.\n", __func__));
++ FreePool (KeyValuePair);
++ goto ON_ERROR;
++ }
++
++ InsertTailList (ListHead, &KeyValuePair->List);
++ Data += Result;
+ }
+
+ return ListHead;
+--
+2.49.0
+
diff -Nru edk2-2025.02/debian/patches/0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch edk2-2025.02/debian/patches/0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch
--- edk2-2025.02/debian/patches/0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch 1969-12-31 17:00:00.000000000 -0700
+++ edk2-2025.02/debian/patches/0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch 2025-11-08 11:06:17.000000000 -0700
@@ -0,0 +1,45 @@
+From d2d8d38ee08c5e602fb092f940dfecc1f5a4eb38 Mon Sep 17 00:00:00 2001
+From: John Mathews <john.mathews@intel.com>
+Date: Fri, 30 May 2025 11:06:49 -0700
+Subject: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Safe handling of IDT register on
+ SMM entry
+
+Mitigates CVE-2025-3770
+
+Do not assume that IDT.limit is loaded with a zero value upon SMM entry.
+Delay enabling Machine Check Exceptions in SMM until after the SMM IDT
+has been reloaded.
+
+Signed-off-by: John Mathews <john.mathews@intel.com>
+
+Origin: https://github.com/tianocore/edk2/commit/d2d8d38ee08c5e602fb092f940dfecc1f5a4eb38
+Last-Updated: 2025-08-18
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110533
+
+diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
+index 644366ba19..6e1cd45c04 100644
+--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
++++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm
+@@ -113,7 +113,7 @@ ProtFlatMode:
+ mov eax, strict dword 0 ; source operand will be patched
+ ASM_PFX(gPatchSmiCr3):
+ mov cr3, rax
+- mov eax, 0x668 ; as cr4.PGE is not set here, refresh cr3
++ mov eax, 0x628 ; as cr4.PGE is not set here, refresh cr3
+
+ mov cl, strict byte 0 ; source operand will be patched
+ ASM_PFX(gPatch5LevelPagingNeeded):
+@@ -204,6 +204,10 @@ SmiHandlerIdtrAbsAddr:
+ mov ax, [rbx + DSC_SS]
+ mov ss, eax
+
++ mov rax, cr4 ; enable MCE
++ bts rax, 6
++ mov cr4, rax
++
+ mov rbx, [rsp + 0x8] ; rbx <- CpuIndex
+
+ ; enable CET if supported
+--
+2.47.2
+
diff -Nru edk2-2025.02/debian/patches/series edk2-2025.02/debian/patches/series
--- edk2-2025.02/debian/patches/series 2025-05-12 20:18:11.000000000 -0600
+++ edk2-2025.02/debian/patches/series 2025-11-08 11:06:17.000000000 -0700
@@ -9,3 +9,6 @@
0002-SecurityPkg-Improving-HashPeImageByType-logic.patch
0003-SecurityPkg-Improving-SecureBootConfigImpl-HashPeIma.patch
0004-SecurityPkg-Update-SecurityFixes.yaml-for-CVE-2024-3.patch
+0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch
+0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch
+0001-UefiCpuPkg-PiSmmCpuDxeSmm-Safe-handling-of-IDT-regis.patch
Attachment:
signature.asc
Description: PGP signature