DEBIAN-CVE-2023-40547

DEBIAN-CVE-2023-40547 PUBLISHED CVSS 8.3 HIGH

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase; an attacker needs to perform a Man-in-the-Middle attack or compromise the boot server to exploit this vulnerability successfully.

Risk Scores

CVSS 3.1
8.3
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor | Product | Versions
Debian:12 | shim | 15.7-1, *, *
Debian:11 | shim | 15.6-1~deb10u1, 15.7-1~deb10u1, 15.7-1~deb11u1
Debian:14 | shim | 0, 0, 0
Debian:13 | shim | 0, 0, 0

Exploit Intelligence

Timeline

  • Jan 25, 2024 CVE Published
  • Apr 28, 2026 CVE Updated