CVE-2023-40548

Updated: 2024-02-19 20:18:08.264072

Description:

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.4

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 8.4 ELS shim 15-15 7.4 HIGH In Progress 2024-02-28 13:09:42
CentOS 8.5 ELS shim 15-15 7.4 HIGH In Progress 2024-02-28 13:09:40