PT-2023-8436 · Shim+7
Marco Benatto · Published 2023-08-26 · Updated 2025-03-07 · CVE-2023-40547
CVSS v3.1: 9.0 Critical
Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Shim versions prior to 15.8
Description
A remote code execution vulnerability was found in Shim, a core component of secure boot in Linux. The vulnerability allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, and an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. The estimated number of potentially affected devices worldwide is in the millions.
Recommendations
Update to Shim version 15.8 or later to address the vulnerability.
As a temporary workaround, consider restricting access to the HTTP boot support feature in Shim until a patch is available.
Avoid using Shim with Secure Boot enabled until the issue is resolved.
Update the UEFI Secure Boot DBX to include hashes of the vulnerable Shim software and sign the updated version with a valid key.
Exploit
Fix
RCE
Origin Validation Error
Memory Corruption
Special Elements Injection
Related Identifiers
Affected Products
Alt Linux
Almalinux
Centos
Red Hat
Red Os
Shim
Suse
Windows