PT-2024-2764 · Shim+6

Marco Benatto · Published 2024-01-23 · Updated 2025-03-07 · CVE-2023-40550

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Shim (affected versions not specified)

Description: The issue is an out-of-bounds read flaw in Shim, triggered when it attempts to validate the SBAT information. This flaw may expose sensitive data during the system's boot phase.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Out-of-bounds Read

Related Identifiers

ALSA-2024:1902
ALSA-2024:1903
ALT-PU-2024-1671
ALT-PU-2024-1869
ALT-PU-2024-1877
ALT-PU-2024-4050
AZL-34094
AZL-34159
AZL-35257
AZL-35265
AZL-35277
BDU:2024-02898
CESA-2024_1902
CVE-2023-40550
DLA-3813-1
OESA-2024-1117
OESA-2024-1118
OESA-2024-1119
OESA-2024-1120
OPENSUSE-SU-2024_1368-1
RHSA-2024:1834
RHSA-2024:1835
RHSA-2024:1873
RHSA-2024:1876
RHSA-2024:1883
RHSA-2024:1902
RHSA-2024:1903
RHSA-2024:1959
RHSA-2024:2086
RHSA-2024_1902
RHSA-2024_1903
RHSA-2024_1959
SUSE-SU-2024:1368-1
SUSE-SU-2024:1461-1
SUSE-SU-2024:1462-1
SUSE-SU-2025:20136-1

Affected Products

ALT Linux
AlmaLinux
CentOS
Red Hat
RED OS
Shim
SUSE