CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
29.5%
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn’t match the format string used by it, leading to a crash under certain circumstances.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | shim | * | cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:* |
fedoraproject | fedora | 39 | cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* |
redhat | enterprise_linux | 8.0 | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
redhat | enterprise_linux | 9.0 | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
access.redhat.com/errata/RHSA-2024:1834
access.redhat.com/errata/RHSA-2024:1835
access.redhat.com/errata/RHSA-2024:1873
access.redhat.com/errata/RHSA-2024:1876
access.redhat.com/errata/RHSA-2024:1883
access.redhat.com/errata/RHSA-2024:1902
access.redhat.com/errata/RHSA-2024:1903
access.redhat.com/errata/RHSA-2024:1959
access.redhat.com/errata/RHSA-2024:2086
access.redhat.com/security/cve/CVE-2023-40546
bugzilla.redhat.com/show_bug.cgi?id=2241796
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
29.5%