History: Jan 29, 2024 - 3:15 p.m.

CVE-2023-40548

2024-01-29 15:15:08
Debian Security Bug Tracker
security-tracker.debian.org
buffer overflow
shim
user-controlled value
pe binary
memory corruption
heap-based
data integrity
crash
unix

CVSS3: 7.4 High

Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 5.5 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 28.1%)

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase.
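
The arithmetic failure described above, shown as an added example that is not Shim's code: two 32-bit size values are added before an allocation, first without and then with an overflow check. The struct, field names, function names and sample values are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for two size fields parsed from an untrusted PE image. */
struct pe_sizes {
    uint32_t image_size;
    uint32_t padding;
};

/* Unchecked form: with a 32-bit size type the sum wraps modulo 2^32. */
uint32_t alloc_size_unchecked(const struct pe_sizes *h)
{
    return (uint32_t)(h->image_size + h->padding);
}

/* Checked form: reject any pair whose sum does not fit in 32 bits. */
int alloc_size_checked(const struct pe_sizes *h, uint32_t *out)
{
    if (h->padding > UINT32_MAX - h->image_size)
        return -1;
    *out = h->image_size + h->padding;
    return 0;
}

/* Allocate the image buffer only when the size computation is sound. */
void *alloc_image(const struct pe_sizes *h)
{
    uint32_t n;
    if (alloc_size_checked(h, &n) != 0 || n == 0)
        return NULL;
    return calloc(1, n);
}

int main(void)
{
    /* Constructed sample values, not taken from a real binary. */
    struct pe_sizes bad = { 0xFFFFF000u, 0x2000u };
    struct pe_sizes ok  = { 0x4000u, 0x1000u };
    uint32_t n = 0;
    int rc;

    printf("unchecked: 0x%x bytes for a 0x%x-byte image\n",
           (unsigned)alloc_size_unchecked(&bad), (unsigned)bad.image_size);
    printf("checked(bad) = %d\n", alloc_size_checked(&bad, &n));
    rc = alloc_size_checked(&ok, &n);
    printf("checked(ok)  = %d, size 0x%x\n", rc, (unsigned)n);
    return 0;
}
```

The unchecked sum yields a buffer far smaller than the image it is meant to hold, which is the precondition for the heap overflow; the checked form refuses the input before any allocation takes place.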
