8.3 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.2%
Debian LTS Advisory DLA-3813-1 [email protected]
https://www.debian.org/lts/security/ Bastien Roucariès
May 13, 2024 https://wiki.debian.org/LTS
Package : shim
Version : 15.8-1~deb10u1
CVE ID : CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551
Debian Bug : 1046268 1069054
This release fixes various issues in shim bootloader and updates it to
a supported version. Older versions of the shim may eventually be blocked
by Secure Boot, so it is strongly advised for Secure Boot enabled systems
to upgrade to this newer version to keep the system bootable.
For Debian 10 buster, this problem has been fixed in version
15.8-1~deb10u1.
We recommend that you upgrade your shim packages.
For the detailed security status of shim please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/shim
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 10 | arm64 | shim-helpers-arm64-signed-template | < 15.8-1~deb10u1 | shim-helpers-arm64-signed-template_15.8-1~deb10u1_arm64.deb |
Debian | 10 | i386 | shim-helpers-i386-signed-template | < 15.8-1~deb10u1 | shim-helpers-i386-signed-template_15.8-1~deb10u1_i386.deb |
Debian | 10 | arm64 | shim-unsigned | < 15.8-1~deb10u1 | shim-unsigned_15.8-1~deb10u1_arm64.deb |
Debian | 10 | amd64 | shim-unsigned | < 15.8-1~deb10u1 | shim-unsigned_15.8-1~deb10u1_amd64.deb |
Debian | 10 | i386 | shim-unsigned | < 15.8-1~deb10u1 | shim-unsigned_15.8-1~deb10u1_i386.deb |
Debian | 10 | all | shim | < 15.8-1~deb10u1 | shim_15.8-1~deb10u1_all.deb |
Debian | 10 | amd64 | shim-helpers-amd64-signed-template | < 15.8-1~deb10u1 | shim-helpers-amd64-signed-template_15.8-1~deb10u1_amd64.deb |
8.3 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.2%