5.5
CVE-2023-40550
- EPSS 0.39%
- Veröffentlicht 29.01.2024 17:15:08
- Zuletzt bearbeitet 21.11.2024 08:19:42
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Shim: out-of-bound read in verify_buffer_sbat()
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Fedora Version39
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.31 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| secalert@redhat.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://access.redhat.com/errata/RHSA-2024:1834
https://access.redhat.com/errata/RHSA-2024:1835
https://access.redhat.com/errata/RHSA-2024:1873
https://access.redhat.com/errata/RHSA-2024:1876
https://access.redhat.com/errata/RHSA-2024:1883
https://access.redhat.com/errata/RHSA-2024:1902
https://access.redhat.com/errata/RHSA-2024:1903
https://access.redhat.com/errata/RHSA-2024:1959
https://access.redhat.com/errata/RHSA-2024:2086
https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html
https://access.redhat.com/security/cve/CVE-2023-40550
https://bugzilla.redhat.com/show_bug.cgi?id=2259915