Updated: 2024-11-30 04:18:04.188269
Description:
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 7 ELS | shim | 15 | 5.5 | MEDIUM | Released | CLSA-2024:1721204645 | 2024-08-20 12:23:56 | |
| CentOS 8.4 ELS | shim | 15-15 | 5.5 | MEDIUM | Released | CLSA-2024:1711036007 | 2024-03-21 14:09:53 | |
| CentOS 8.5 ELS | shim | 15-15 | 5.5 | MEDIUM | Released | CLSA-2024:1711036383 | 2024-03-21 14:09:52 | |
| CentOS Stream 8 ELS | shim | 15 | 5.5 | MEDIUM | Released | CLSA-2024:1724271309 | 2024-08-21 17:34:13 |