17 matches found
CVE-2023-39950
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
Howyar Reloader UEFI bootloader vulnerable to unsigned software execution
Overview The Howyar UEFI Application "Reloader" 32-bit and 64-bit, distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded path. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure...
OESA-2024-1223 shim security update
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...
OESA-2024-1186 shim security update
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints...
Advisory ROSA-SA-2024-2353
Software: shim 15 OS: rosa-server79 packageevrstring: shim-15-8.0.1.el7 CVE-ID: CVE-2023-40547 BDU-ID: 2024-00725 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the shim UEFI bootloader due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could...
OESA-2023-1121 shim security update
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structur...
Fedora: Security Advisory for shim (FEDORA-2022-98830efc68)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2022-98830efc68)
The remote host is missing an update for the...
Fedora: Security Advisory for shim-unsigned-x64 (FEDORA-2022-98830efc68)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: shim-unsigned-x64-15.6-1
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...
Intel Kernelflinger buffer error vulnerability
Intel Kernelflinger is a UEFI bootloader for Android/Brillo from Intel Corporation (USA). A buffer error vulnerability exists in the Intel Kernelflinger open source project, which stems from a potential security hole in the Kernelflinger open source project maintained by Intel. An attacker...
Fedora: Security Advisory for shim (FEDORA-2021-cab258a413)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2021-cab258a413)
The remote host is missing an update for the...
[SECURITY] Fedora 34 Update: shim-unsigned-aarch64-15.4-1.fc34
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...
Oracle Linux 7 : shim (ELSA-2014-1801)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1801 advisory. - out-of-bounds memory read flaw in DHCPv6 packet processing Resolves: CVE-2014-3675 - heap-based buffer overflow flaw in IPv6 address parsing Resolves...
RHEL 7 : shim (RHSA-2014:1801)
Updated shim packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for...
Moderate: Red Hat Security Advisory: shim security update
Updated shim packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for...