CVE 2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
Related bugs and status
CVE-2023-40550 (Candidate) is related to these bugs:
Bug #2036604: Synchronous Exception when booting VMs via qemu-efi-aarch64
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | qemu (Ubuntu) | Undecided | Confirmed | ||
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | autopkgtest (Ubuntu) | Undecided | Confirmed | ||
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | cloud-images | Undecided | New | ||
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | edk2 (Ubuntu) | High | Fix Released | ||
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | edk2 (Debian) | Unknown | Fix Released | ||
2036604 | Synchronous Exception when booting VMs via qemu-efi-aarch64 | shim (Ubuntu) | Undecided | Fix Released |
Bug #2051151: Update to shim 15.8
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2051151 | Update to shim 15.8 | shim (Ubuntu) | Undecided | Fix Released | ||
2051151 | Update to shim 15.8 | shim-signed (Ubuntu) | Undecided | Fix Released | ||
2051151 | Update to shim 15.8 | shim (Debian) | Unknown | Fix Released | ||
2051151 | Update to shim 15.8 | shim (Ubuntu Mantic) | Undecided | Won't Fix | ||
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Mantic) | Undecided | Won't Fix | ||
2051151 | Update to shim 15.8 | shim (Ubuntu Focal) | Undecided | Confirmed | ||
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Focal) | Undecided | Confirmed | ||
2051151 | Update to shim 15.8 | shim (Ubuntu Noble) | Undecided | Fix Released | ||
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Noble) | Undecided | Fix Released | ||
2051151 | Update to shim 15.8 | shim (Ubuntu Jammy) | Undecided | Confirmed | ||
2051151 | Update to shim 15.8 | shim-signed (Ubuntu Jammy) | Undecided | Confirmed |
See the
CVE page on Mitre.org
for more details.