CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40551 – Shim: out of bounds read when parsing mz binaries
https://notcve.org/view.php?id=CVE-2023-40551
29 Jan 2024 — A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. Se encontró un fallo en el formato binario MZ en Shim. Es posible que se produzca una lectura fuera de los límites, lo que provocará un bloqueo o una posible exposición de datos confidenciales durante la fase de inicio del sistema. • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40546 – Shim: out-of-bounds read printing error messages
https://notcve.org/view.php?id=CVE-2023-40546
29 Jan 2024 — A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances. Se encontró un fallo en Shim cuando ocurrió un error al crear una nueva variable ESL. Si Shim no puede crear la nueva variable, intenta imprimir un mensaje de error para el usuario; si... • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40549 – Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file
https://notcve.org/view.php?id=CVE-2023-40549
29 Jan 2024 — An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. Se encontró un fallo de lectura fuera de los límites en Shim debido a la falta de una verificación de límites adecuada durante la carga de un binario PE. Esta falla permite a un atacante cargar un binario PE manipulado, lo que desencadena el problema y bl... • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40550 – Shim: out-of-bound read in verify_buffer_sbat()
https://notcve.org/view.php?id=CVE-2023-40550
29 Jan 2024 — An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. Se encontró un fallo de lectura fuera de los límites en Shim cuando intentó validar la información SBAT. Este problema puede exponer datos confidenciales durante la fase de inicio del sistema. • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40548 – Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems
https://notcve.org/view.php?id=CVE-2023-40548
29 Jan 2024 — A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. Se encontró un desbordamiento de búfer en Shim en el sistema de 32 bits. • https://access.redhat.com/errata/RHSA-2024:1834 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 1%CPEs: 4EXPL: 0CVE-2023-40547 – Shim: rce in http boot support may lead to secure boot bypass
https://notcve.org/view.php?id=CVE-2023-40547
25 Jan 2024 — A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. Se en... • http://www.openwall.com/lists/oss-security/2024/01/26/1 • CWE-346: Origin Validation Error CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28737 – There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
https://notcve.org/view.php?id=CVE-2022-28737
20 Jun 2022 — There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario. A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28737 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2014-8399 – Ubuntu Security Notice USN-2392-1
https://notcve.org/view.php?id=CVE-2014-8399
30 Oct 2014 — The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors. La configuración por defecto en systemd-shim 8 habilita la clausula de purificación Abandon, lo que permite a usuarios locales causar una denegación de servicio a través de vectores no especificados. It was discovered that systemd-shim incorrectly shipped with a debugging clause enabled. A local attacker could possibly use this issue to cause a deni... • http://www.ubuntu.com/usn/USN-2392-1 •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2014-3675 – shim: out-of-bounds memory read flaw in DHCPv6 packet processing
https://notcve.org/view.php?id=CVE-2014-3675
22 Oct 2014 — Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. Shim permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un paquete DHCPv6 manipulado. An out-of-bounds memory read flaw was found in the way shim parsed certain IPv6 packets. A specially crafted DHCPv6 packet could possibly cause shim to crash, preventing the system from booting if IPv6 booting was enabled. Shim is the initial UEFI bootloader that handle... • http://rhn.redhat.com/errata/RHSA-2014-1801.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2014-3676 – shim: heap-based buffer overflow flaw in IPv6 address parsing
https://notcve.org/view.php?id=CVE-2014-3676
22 Oct 2014 — Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option." Desbordamiento de buffer basado en la memoria dinámica en Shim permite a atacantes remotos ejecutar código arbitrario a través de una dirección IPv6 manipulada, relacionado con la opción de arranque 'tftp:// DHCPv6.' A heap-based buffer overflow flaw was found the way shim parsed certain IPv6 addresses. If IPv6 network booting was enabled, a malicious ... • http://rhn.redhat.com/errata/RHSA-2014-1801.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •