CVE-2023-40547

Summary

CVE	CVE-2023-40547
State	RESERVED
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2024-01-25 16:15:00 UTC
Updated	2024-03-26 16:15:00 UTC
Description	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Risk And Classification

Problem Types: CWE-125

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All
Application	Redhat	Shim	All	All	All	All

References

Reference	Source	Link	Tags
2234589 – (CVE-2023-40547) CVE-2023-40547 shim: RCE in http boot support may lead to Secure Boot bypass		bugzilla.redhat.com
oss-security - shim 15.8 released with 6 CVE fixes		www.openwall.com
cve-details		access.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

357274 Amazon Linux Security Advisory for shim : ALAS2-2024-2484
379359 Shim package Multiple Vulnerabilities
673479 EulerOS Security Update for shim (EulerOS-SA-2024-1249)
673695 EulerOS Security Update for shim (EulerOS-SA-2024-1227)
674149 EulerOS Security Update for shim (EulerOS-SA-2024-1497)
674157 EulerOS Security Update for shim (EulerOS-SA-2024-1518)