CVE-2023-40546 — NULL Pointer Dereference in Redhat Shim

CWE-476 — NULL Pointer Dereference7 documents7 sources

Severity

5.5MEDIUMNVD

CNA6.2

EPSS

0.0%

top 93.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Shim Fedoraproject Fedora Redhat Enterprise Linux

Timeline

PublishedJan 29

Description

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDredhat/shim< 15.8

▶Debianredhat/shim< 15.8-1~deb11u1+3

Also affects: Fedora 39, Enterprise Linux 8.0, 9.0

🔴Vulnerability Details

OSV

CVE-2023-40546: A flaw was found in Shim when an error happened while creating a new ESL variable↗2024-01-29

▶

CVEList

Shim: out-of-bounds read printing error messages↗2024-01-29

▶

GHSA

GHSA-9fh5-955w-9jfh: A flaw was found in Shim when an error happened while creating a new ESL variable↗2024-01-29

▶

📋Vendor Advisories

Red Hat

shim: Out-of-bounds read printing error messages↗2024-01-23

▶

Microsoft

Shim: out-of-bounds read printing error messages↗2024-01-09

▶

Debian

CVE-2023-40546: shim - A flaw was found in Shim when an error happened while creating a new ESL variabl...↗2023

▶