rpm package
suse/shim&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-40551 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 29, 2024 | A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. | ||
| CVE-2023-40546 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 29, 2024 | A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, | ||
| CVE-2023-40549 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 29, 2024 | An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. | ||
| CVE-2023-40550 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 29, 2024 | An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. | ||
| CVE-2023-40548 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 29, 2024 | A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer | ||
| CVE-2023-40547 | — | < 15.8-25.30.1 | 15.8-25.30.1 | Jan 25, 2024 | A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitiv | ||
| CVE-2022-28737 | — | < 15.7-25.24.1 | 15.7-25.24.1 | Jul 20, 2023 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo | ||
| CVE-2020-10713 | — | < 15+git47-25.11.1 | 15+git47-25.11.1 | Jul 30, 2020 | A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to |
- CVE-2023-40551Jan 29, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
- CVE-2023-40546Jan 29, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it,
- CVE-2023-40549Jan 29, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
- CVE-2023-40550Jan 29, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
- CVE-2023-40548Jan 29, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer
- CVE-2023-40547Jan 25, 2024affected < 15.8-25.30.1fixed 15.8-25.30.1
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitiv
- CVE-2022-28737Jul 20, 2023affected < 15.7-25.24.1fixed 15.7-25.24.1
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memo
- CVE-2020-10713Jul 30, 2020affected < 15+git47-25.11.1fixed 15+git47-25.11.1
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to