CVE-2023-40550

Published: January 25, 2024Last modified: January 25, 2024

Description

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.

Severity score breakdown

Status

References

• https://access.redhat.com/errata/RHSA-2024:1834
• https://access.redhat.com/errata/RHSA-2024:1835
• https://access.redhat.com/errata/RHSA-2024:1873
• https://access.redhat.com/errata/RHSA-2024:1876
• https://access.redhat.com/errata/RHSA-2024:1883
• https://access.redhat.com/errata/RHSA-2024:1902
• https://access.redhat.com/errata/RHSA-2024:1903
• https://access.redhat.com/errata/RHSA-2024:1959
• https://access.redhat.com/errata/RHSA-2024:2086
• https://access.redhat.com/security/cve/CVE-2023-40550
• https://bugzilla.redhat.com/show_bug.cgi?id=2259915
• https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html