Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-28737

There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.8%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2022-28737
  • Redhat » Shim » Version: N/A
    cpe:2.3:a:redhat:shim:-
  • Redhat » Shim » Version: 0.3
    cpe:2.3:a:redhat:shim:0.3
  • Redhat » Shim » Version: 0.4
    cpe:2.3:a:redhat:shim:0.4
  • Redhat » Shim » Version: 0.5
    cpe:2.3:a:redhat:shim:0.5
  • Redhat » Shim » Version: 0.7
    cpe:2.3:a:redhat:shim:0.7
  • Redhat » Shim » Version: 0.8
    cpe:2.3:a:redhat:shim:0.8
  • Redhat » Shim » Version: 0.9
    cpe:2.3:a:redhat:shim:0.9
  • Redhat » Shim » Version: 1.0.4
    cpe:2.3:a:redhat:shim:1.0.4
  • Redhat » Shim » Version: 1.0.5
    cpe:2.3:a:redhat:shim:1.0.5
  • Redhat » Shim » Version: 1.0.6
    cpe:2.3:a:redhat:shim:1.0.6
  • Redhat » Shim » Version: 1.0.7
    cpe:2.3:a:redhat:shim:1.0.7
  • Redhat » Shim » Version: 1.0.8
    cpe:2.3:a:redhat:shim:1.0.8
  • Redhat » Shim » Version: 1.0.9
    cpe:2.3:a:redhat:shim:1.0.9
  • Redhat » Shim » Version: 1.1.0
    cpe:2.3:a:redhat:shim:1.1.0
  • Redhat » Shim » Version: 1.1.1
    cpe:2.3:a:redhat:shim:1.1.1
  • Redhat » Shim » Version: 10
    cpe:2.3:a:redhat:shim:10
  • Redhat » Shim » Version: 11
    cpe:2.3:a:redhat:shim:11
  • Redhat » Shim » Version: 12
    cpe:2.3:a:redhat:shim:12
  • Redhat » Shim » Version: 13
    cpe:2.3:a:redhat:shim:13
  • Redhat » Shim » Version: 14
    cpe:2.3:a:redhat:shim:14
  • Redhat » Shim » Version: 15
    cpe:2.3:a:redhat:shim:15
  • Redhat » Shim » Version: 15.1
    cpe:2.3:a:redhat:shim:15.1
  • Redhat » Shim » Version: 15.2
    cpe:2.3:a:redhat:shim:15.2
  • Redhat » Shim » Version: 15.3
    cpe:2.3:a:redhat:shim:15.3
  • Redhat » Shim » Version: 15.4
    cpe:2.3:a:redhat:shim:15.4
  • Redhat » Shim » Version: 15.5
    cpe:2.3:a:redhat:shim:15.5


Products
Pricing
Contact Us

Shodan ® - All rights reserved