DEBIAN-CVE-2023-40551

DEBIAN-CVE-2023-40551 PUBLISHED CVSS 5.099999904632568 MEDIUM

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.

Risk Scores

CVSS v3.1

5.099999904632568

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	shim	0, 0, 0
Debian:13	shim	0, 0, 0
Debian:12	shim	0, 15.7-1, 15.8-1
Debian:11	shim	15.8-1, 0, 15.4-7

Timeline

Jan 29, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-40551 advisory

Open in Interactive Console →