CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
access.redhat.com/errata/RHSA-2024:1834
access.redhat.com/errata/RHSA-2024:1835
access.redhat.com/errata/RHSA-2024:1873
access.redhat.com/errata/RHSA-2024:1876
access.redhat.com/errata/RHSA-2024:1883
access.redhat.com/errata/RHSA-2024:1902
access.redhat.com/errata/RHSA-2024:1903
access.redhat.com/errata/RHSA-2024:1959
access.redhat.com/errata/RHSA-2024:2086
access.redhat.com/security/cve/CVE-2023-40549
bugzilla.redhat.com/show_bug.cgi?id=2241797
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial