CVE-2023-40551

Published: January 25, 2024Last modified: January 25, 2024

Description

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.

Severity score breakdown

Status

References

• https://access.redhat.com/errata/RHSA-2024:1834
• https://access.redhat.com/errata/RHSA-2024:1835
• https://access.redhat.com/errata/RHSA-2024:1873
• https://access.redhat.com/errata/RHSA-2024:1876
• https://access.redhat.com/errata/RHSA-2024:1883
• https://access.redhat.com/errata/RHSA-2024:1902
• https://access.redhat.com/errata/RHSA-2024:1903
• https://access.redhat.com/errata/RHSA-2024:1959
• https://access.redhat.com/errata/RHSA-2024:2086
• https://access.redhat.com/security/cve/CVE-2023-40551
• https://bugzilla.redhat.com/show_bug.cgi?id=2259918
• https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html