CVE-2023-40546

Updated: 2024-02-06 06:58:12.51924

Description:

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 8.4 ELS shim 15-15 5.5 MEDIUM In Progress 2024-02-28 13:09:42
CentOS 8.5 ELS shim 15-15 5.5 MEDIUM In Progress 2024-02-28 13:09:42