CVE-2023-40546

Updated: 2024-06-11 04:16:17.235495

Description:

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 7 ELS shim 15 5.5 MEDIUM In Rollout CLSA-2024:1721204645 2024-07-17 05:36:05
CentOS 8.4 ELS shim 15-15 5.5 MEDIUM Released CLSA-2024:1711036007 2024-03-21 14:09:56
CentOS 8.5 ELS shim 15-15 5.5 MEDIUM Released CLSA-2024:1711036383 2024-03-21 14:09:55
CentOS Stream 8 ELS shim 15 5.5 MEDIUM In Progress 2024-07-17 05:36:06