7 matches found
shim: RCE in http boot support may lead to Secure Boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
shim: RCE in http boot support may lead to Secure Boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
shim: RCE in http boot support may lead to Secure Boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
AZL-35254 CVE-2023-40547 affecting package shim for versions less than 15.8-3
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
AZL-35278 CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-3
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
PT-2023-8436 · Shim +7 · Shim +7
Name of the Vulnerable Software and Affected Versions: Shim versions prior to 15.8 Description: A remote code execution vulnerability was found in Shim, a core component of secure boot in Linux. The vulnerability allows an attacker to craft a specific malicious HTTP request, leading to a complete...