rpm package
suse/shim&distro=SUSE Linux Enterprise Server 12 SP4-LTSS
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28737 | — | < 15.7-25.24.1 | 15.7-25.24.1 | Jul 20, 2023 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo | ||
| CVE-2020-10713 | — | < 15+git47-25.11.1 | 15+git47-25.11.1 | Jul 30, 2020 | A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to |
- CVE-2022-28737Jul 20, 2023affected < 15.7-25.24.1fixed 15.7-25.24.1
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo
- CVE-2020-10713Jul 30, 2020affected < 15+git47-25.11.1fixed 15+git47-25.11.1
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to