Vulnerability Details CVE-2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.6%
CVSS Severity
CVSS v3 Score 5.5
References
- https://access.redhat.com/errata/RHSA-2024:1834
- https://access.redhat.com/errata/RHSA-2024:1835
- https://access.redhat.com/errata/RHSA-2024:1873
- https://access.redhat.com/errata/RHSA-2024:1876
- https://access.redhat.com/errata/RHSA-2024:1883
- https://access.redhat.com/errata/RHSA-2024:1902
- https://access.redhat.com/errata/RHSA-2024:1903
- https://access.redhat.com/errata/RHSA-2024:1959
- https://access.redhat.com/errata/RHSA-2024:2086
- https://access.redhat.com/security/cve/CVE-2023-40550
- https://bugzilla.redhat.com/show_bug.cgi?id=2259915
- https://access.redhat.com/errata/RHSA-2024:1834
- https://access.redhat.com/errata/RHSA-2024:1835
- https://access.redhat.com/errata/RHSA-2024:1873
- https://access.redhat.com/errata/RHSA-2024:1876
- https://access.redhat.com/errata/RHSA-2024:1883
- https://access.redhat.com/errata/RHSA-2024:1902
- https://access.redhat.com/errata/RHSA-2024:1903
- https://access.redhat.com/errata/RHSA-2024:1959
- https://access.redhat.com/errata/RHSA-2024:2086
- https://access.redhat.com/security/cve/CVE-2023-40550
- https://bugzilla.redhat.com/show_bug.cgi?id=2259915
- https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html
Products affected by CVE-2023-40550
-
cpe:2.3:a:redhat:shim:-
-
cpe:2.3:a:redhat:shim:0.3
-
cpe:2.3:a:redhat:shim:0.4
-
cpe:2.3:a:redhat:shim:0.5
-
cpe:2.3:a:redhat:shim:0.7
-
cpe:2.3:a:redhat:shim:0.8
-
cpe:2.3:a:redhat:shim:0.9
-
cpe:2.3:a:redhat:shim:1.0.4
-
cpe:2.3:a:redhat:shim:1.0.5
-
cpe:2.3:a:redhat:shim:1.0.6
-
cpe:2.3:a:redhat:shim:1.0.7
-
cpe:2.3:a:redhat:shim:1.0.8
-
cpe:2.3:a:redhat:shim:1.0.9
-
cpe:2.3:a:redhat:shim:1.1.0
-
cpe:2.3:a:redhat:shim:1.1.1
-
cpe:2.3:a:redhat:shim:10
-
cpe:2.3:a:redhat:shim:11
-
cpe:2.3:a:redhat:shim:12
-
cpe:2.3:a:redhat:shim:13
-
cpe:2.3:a:redhat:shim:14
-
cpe:2.3:a:redhat:shim:15
-
cpe:2.3:a:redhat:shim:15.1
-
cpe:2.3:a:redhat:shim:15.2
-
cpe:2.3:a:redhat:shim:15.3
-
cpe:2.3:a:redhat:shim:15.4
-
cpe:2.3:a:redhat:shim:15.5
-
cpe:2.3:a:redhat:shim:15.6
-
cpe:2.3:a:redhat:shim:15.7
-
cpe:2.3:o:fedoraproject:fedora:39
-
cpe:2.3:o:redhat:enterprise_linux:8.0
-
cpe:2.3:o:redhat:enterprise_linux:9.0