Shim: out-of-bounds read printing error messages
CVE-2023-40546

6.2MEDIUM

Key Information:

Vendor
Red Hat
Status
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Vendor
CVE Published:
29 January 2024

Summary

A notable flaw has been identified within Shim which arises during the creation of new ESL variables. When Shim encounters an error while creating a new variable, it attempts to log an error message. However, the parameters utilized by the logging function do not align correctly with the expected format string, which may lead to a system crash under specific conditions. This vulnerability poses a risk to various Red Hat products that rely on Shim for their secure boot functionality, potentially interrupting their operation and affecting overall system stability.

Affected Version(s)

Red Hat Enterprise Linux 7 0:15.8-3.el7

Red Hat Enterprise Linux 7 0:15.8-1.el7

Red Hat Enterprise Linux 8 0:15.8-4.el8_9

References

https://access.redhat.com/errata/RHSA-2024:1834
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1835
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1873
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.