rpm package
suse/shim&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2312 | — | < 16.1-150300.4.31.3 | 16.1-150300.4.31.3 | Apr 5, 2024 | GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass. | ||
| CVE-2023-40551 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 29, 2024 | A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. | ||
| CVE-2023-40546 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 29, 2024 | A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, | ||
| CVE-2023-40549 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 29, 2024 | An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. | ||
| CVE-2023-40550 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 29, 2024 | An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. | ||
| CVE-2023-40548 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 29, 2024 | A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer | ||
| CVE-2023-40547 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jan 25, 2024 | A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitiv | ||
| CVE-2022-28737 | — | < 15.8-150300.4.20.2 | 15.8-150300.4.20.2 | Jul 20, 2023 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo |
- CVE-2024-2312Apr 5, 2024affected < 16.1-150300.4.31.3fixed 16.1-150300.4.31.3
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
- CVE-2023-40551Jan 29, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
- CVE-2023-40546Jan 29, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it,
- CVE-2023-40549Jan 29, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
- CVE-2023-40550Jan 29, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
- CVE-2023-40548Jan 29, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer
- CVE-2023-40547Jan 25, 2024affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitiv
- CVE-2022-28737Jul 20, 2023affected < 15.8-150300.4.20.2fixed 15.8-150300.4.20.2
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo