Lucene search
+L

6 matches found

redhat
redhat
added 2024/04/29 12:31 p.m.7 views

shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7AI score0.00432EPSS
Exploits0References4
redhat
redhat
added 2024/04/18 5:42 p.m.5 views

shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7AI score0.00432EPSS
Exploits0References4
osv
osv
added 2024/01/29 3:15 p.m.13 views

AZL-35275 CVE-2023-40548 affecting package shim-unsigned-x64 for versions less than 15.8-3

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7.3AI score0.00432EPSS
Exploits0References1
osv
osv
added 2023/07/20 1:15 a.m.8 views

AZL-27559 CVE-2022-28737 affecting package shim for versions less than 15.8-1

There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References1
osv
osv
added 2023/07/20 1:15 a.m.10 views

AZL-35252 CVE-2022-28737 affecting package shim for versions less than 15.8-3

There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References1
osv
osv
added 2023/07/20 1:15 a.m.1 views

DEBIAN-CVE-2022-28737

There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References1
Rows per page
Query Builder