Linux Devs Rush to Patch Critical Vulnerability in Shim

Linux developers have addressed a new security flaw discovered in Shim, a component crucial for the boot process in Linux-based systems.

This vulnerability poses a significant risk by allowing the installation of malware that operates at the firmware level (secure boot bypass), presenting challenges for detection and removal.

Tracked as CVE-2023-40547, the flaw has been CVSS rated as “9.8 Critical” by NIST and “8.3 High” by Red Hat, indicating its severity.

Shim functions as a critical element in the early boot phase before the operating system initializes and has been found vulnerable to remote code execution. The flaw arises from the component’s trust in attacker-controlled values during HTTP response parsing.

This weakness enables threat actors to craft malicious HTTP requests, ultimately leading to a complete system compromise through controlled out-of-bounds write operations. Notably, exploitation of this vulnerability necessitates either a Man-in-the-Middle attack or compromise of the boot server, limiting its accessibility to attackers.

Linux Devs Rush to Patch Critical Vulnerability in Shim

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Linux Devs Rush to Patch Critical Vulnerability in Shim

08-Feb-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address