12 matches found
EUVD-2022-33176
Malicious code in bioql PyPI...
CentOS 9 : shim-unsigned-x64-15.6-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the shim-unsigned-x64-15.6-1.el9 build changelog. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot...
AZL-35252 CVE-2022-28737 affecting package shim for versions less than 15.8-3
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
CVE-2022-28737 is confirmed with concrete technical details in connected records. The issue is an out-of-bounds write in the shim loading path, caused by handling of the SizeOfRawData field in EFI sections via handle_image(), leading to memory corruption and potential arbitrary code execution. Af...
CVE-2022-28737
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
There's a possible overflow in handle_image when shim tries to load and execute crafted EFI executables; The handle_image function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
Oracle Linux 8 : shim (ELSA-2022-9465)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9465 advisory. 15.6-1.0.3 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.2 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0...
Oracle Linux 7 : shim-signed (ELSA-2022-9466)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9466 advisory. - update CVE-2022-28737 patches JIRA: OLDIS-16370 - Fix CVE-2022-28737 JIRA: OLDIS-16370 Tenable has extracted the preceding description block directly from the...