CVE-2014-3675Out-of-bounds Read in Redhat Shim

CWE-125Out-of-bounds Read7 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
3.1%
top 13.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Shim
Timeline
PublishedOct 22
Latest updateMay 13

Description

Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDredhat/shim0.30.8
Ubunturedhat/shim< 0.8-0ubuntu2

Patches

Patch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

3
GHSA
GHSA-4w72-8qcf-2x8f: Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet2022-05-13
CVEList
CVE-2014-3675: Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet2014-10-22
OSV
CVE-2014-3675: Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet2014-10-22

📋Vendor Advisories

1
Red Hat
shim: out-of-bounds memory read flaw in DHCPv6 packet processing2014-10-13

💬Community

2
Bugzilla
CVE-2014-3676 CVE-2014-3677 CVE-2014-3675 shim: various flaws [fedora-all]2014-10-14
Bugzilla
CVE-2014-3675 shim: out-of-bounds memory read flaw in DHCPv6 packet processing2014-10-01