Updated: 2024-09-16 22:10:09.076802
Description:
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | HIGH | 8.3 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
CentOS 7 ELS | shim | 15 | 8.3 | HIGH | Released | CLSA-2024:1721204645 | 2024-08-20 12:24:02 |
CentOS 8.4 ELS | shim | 15-15 | 8.3 | HIGH | Released | CLSA-2024:1711036007 | 2024-03-21 14:10:00 |
CentOS 8.5 ELS | shim | 15-15 | 8.3 | HIGH | Released | CLSA-2024:1711036383 | 2024-03-21 14:09:59 |
CentOS Stream 8 ELS | shim | 15 | 8.3 | HIGH | Released | CLSA-2024:1724271309 | 2024-08-21 17:34:15 |