Search CVE reports
1 – 10 of 11 results
CVE-2023-40551
Medium prioritySome fixes available 2 of 17
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2023-40550
Medium prioritySome fixes available 2 of 17
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2023-40549
Medium prioritySome fixes available 2 of 17
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim,...
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2023-40548
Medium prioritySome fixes available 2 of 17
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory...
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2023-40547
Medium prioritySome fixes available 2 of 17
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a...
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2023-40546
Medium prioritySome fixes available 2 of 17
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging...
3 affected packages
secureboot-db, shim, shim-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| secureboot-db | Not affected | Not affected | Not affected | Not affected | Not affected |
| shim | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
| shim-signed | Fixed | Vulnerable | Vulnerable | Needs evaluation | Ignored |
CVE-2022-28737
Medium prioritySome fixes available 2 of 7
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can...
1 affected packages
shim
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| shim | Not affected | Fixed | Fixed | Vulnerable | Ignored |
CVE-2014-8399
Medium priorityThe default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.
1 affected packages
systemd-shim
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| systemd-shim | — | — | — | — | — |
CVE-2014-3677
Medium priorityUnspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
1 affected packages
shim
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| shim | — | — | — | — | — |
CVE-2014-3676
Medium priorityHeap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."
1 affected packages
shim
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| shim | — | — | — | — | — |