rpm package
suse/shim&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28737 | — | < 15.7-150300.4.11.1 | 15.7-150300.4.11.1 | Jul 20, 2023 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo |
- CVE-2022-28737Jul 20, 2023affected < 15.7-150300.4.11.1fixed 15.7-150300.4.11.1
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo