Updated: 2024-11-30 04:18:04.532471
Description:
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.1000000000000005 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | shim | 15 | 5.1 | MEDIUM | Already Fixed | 2025-04-17 03:53:38 | ||
| CentOS 7 ELS | shim | 15 | 5.1 | MEDIUM | Released | CLSA-2024:1721204645 | 2024-08-20 12:23:50 | |
| CentOS 8.4 ELS | shim | 15-15 | 5.1 | MEDIUM | Released | CLSA-2024:1711036007 | 2024-03-21 14:09:51 | |
| CentOS 8.5 ELS | shim | 15-15 | 5.1 | MEDIUM | Released | CLSA-2024:1711036383 | 2024-03-21 14:09:51 | |
| CentOS Stream 8 ELS | shim | 15 | 5.1 | MEDIUM | Released | CLSA-2024:1724271309 | 2024-08-21 17:34:11 |