)]}'
{
  "commit": "b33fd8ab1caa07aeb290ef5dac44a4e7fd4be02b",
  "tree": "d88f3ef50b1006e6dbf3019bf5b9d624179445bb",
  "parents": [
    "ac6721b88df944ade0048822b2b74210f543d656"
  ],
  "author": {
    "name": "Gerd Hoffmann",
    "email": "kraxel@redhat.com",
    "time": "Tue May 12 08:05:23 2026 +0200"
  },
  "committer": {
    "name": "Gerd Hoffmann",
    "email": "kraxel@redhat.com",
    "time": "Mon May 18 14:59:11 2026 +0200"
  },
  "message": "hw/uefi: check auth.hdr_length minimum size\n\nauth.hdr_length maximum is already checked (against buffer size).  The\nheader has some fixed fields which are included in the header length, so\nthere also is a minimum size which must be verified.  Add a check for\nthat.  Fixes possible integer underflow.\n\nWhile being at it replace the magic number \u002724\u0027 with sizeof calculations\nfor better code documentation.\n\nFixes: CVE-2026-8341\nFixes: f1488fac0584 (\"hw/uefi: add var-service-auth.c\")\nReported-by: Feifan Qian \u003cbea1e@proton.me\u003e\nReviewed-by: Daniel P. Berrangé \u003cberrange@redhat.com\u003e\nSigned-off-by: Gerd Hoffmann \u003ckraxel@redhat.com\u003e\nMessage-ID: \u003c20260512060523.17493-1-kraxel@redhat.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "795f2f54e4ab853d376e315673cb5c83649f01e8",
      "old_mode": 33188,
      "old_path": "hw/uefi/var-service-auth.c",
      "new_id": "f3dc9c6ca608a22afdd5d68712aa411c78889168",
      "new_mode": 33188,
      "new_path": "hw/uefi/var-service-auth.c"
    },
    {
      "type": "modify",
      "old_id": "c859743e8677070879ad454ebb720f56f0a25c5b",
      "old_mode": 33188,
      "old_path": "hw/uefi/var-service-pkcs7.c",
      "new_id": "8a1f1395a2fb6088cf1b680cc3112b1c1de3ddf1",
      "new_mode": 33188,
      "new_path": "hw/uefi/var-service-pkcs7.c"
    }
  ]
}
