CVE 2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
Related bugs and status
CVE-2023-40549 (Candidate) is related to these bugs:
Bug #2036604: Synchronous Exception when booting VMs via qemu-efi-aarch64
Bug | Summary | In | Importance | Status
---|---|---|---|---
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | qemu (Ubuntu) | Undecided | Confirmed
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | autopkgtest (Ubuntu) | Undecided | Confirmed
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | cloud-images | Undecided | New
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | edk2 (Ubuntu) | High | Fix Released
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | edk2 (Debian) | Unknown | Fix Released
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | shim (Ubuntu) | Undecided | Fix Released
Bug #2051151: Update to shim 15.8
Bug | Summary | In | Importance | Status
---|---|---|---|---
2051151 | Update to shim 15.8 | shim (Ubuntu) | Undecided | Fix Released
2051151 | Update to shim 15.8 | shim-signed (Ubuntu) | Undecided | Fix Released
2051151 | Update to shim 15.8 | shim (Debian) | Unknown | Fix Released
2051151 | Update to shim 15.8 | shim (Ubuntu Mantic) | Undecided | Confirmed
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Mantic) | Undecided | Confirmed
2051151 | Update to shim 15.8 | shim (Ubuntu Focal) | Undecided | Confirmed
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Focal) | Undecided | Confirmed
2051151 | Update to shim 15.8 | shim (Ubuntu Noble) | Undecided | Fix Released
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Noble) | Undecided | Fix Released
2051151 | Update to shim 15.8 | shim (Ubuntu Jammy) | Undecided | Confirmed
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Jammy) | Undecided | Confirmed
See the CVE page on Mitre.org for more details.