71 matches found
CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
CVE-2023-40551 Shim: out of bounds read when parsing mz binaries
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
CVE-2023-40550 Shim: out-of-bound read in verify_buffer_sbat()
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
CVE-2023-40550 Shim: out-of-bound read in verify_buffer_sbat()
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
CVE-2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
AZL-35255 CVE-2023-40548 affecting package shim for versions less than 15.8-3
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...
Heap overflow
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...
Red Hat Shim Security Breach
Red Hat Shim is a simple software package from Red Hat. It is intended to be used as a first-stage boot loader on UEFI systems. A security vulnerability exists in Red Hat Shim that stems from an out-of-bounds read issue, which could result in the exposure of sensitive data during the system boot...
CVE-2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
Remote code execution
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
UBUNTU-CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
CVE-2023-40548
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...
CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
PT-2024-2765 · Shim +6 · Shim +6
Name of the Vulnerable Software and Affected Versions: Shim affected versions not specified Description: A flaw was found in the MZ binary format in Shim, which is related to an out-of-bounds read. This issue may cause a crash or potentially expose sensitive data during the system's boot phase...
PT-2024-2764 · Shim +6 · Shim +6
Name of the Vulnerable Software and Affected Versions: Shim affected versions not specified Description: The issue is related to an out-of-bounds read flaw in Shim when it attempts to validate the SBAT information. This flaw may expose sensitive data during the system's boot phase. Recommendation...