6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-40550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
OESA-2024-1118 shim security update
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker...
AZL-35265 CVE-2023-40550 affecting package shim-unsigned-aarch64 for versions less than 15.8-3
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
AZL-34159 CVE-2023-40550 affecting package shim for versions less than 15.8-1
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
CVE-2023-40550
CVE-2023-40550 affects Shim/shim in boot path; root cause is an out-of-bounds read during SBAT validation, potentially exposing sensitive data during system boot. Related IBM/DS8K/HMC advisories describe multiple Shim CVEs consolidated under Power HMC, including fixes in microcode bundles (DS8900...
PT-2024-2764 · Shim +6 · Shim +6
Name of the Vulnerable Software and Affected Versions: Shim (affected versions not specified). Description: The issue is related to an out-of-bounds read flaw in Shim when it attempts to validate the SBAT information. This flaw may expose sensitive data during the system's boot phase. Recommendation...