A critical vulnerability in Shim, a crucial component used by most Linux distributions during the boot process to support secure boot, has been identified. Tracked as CVE-2023-40547, the flaw allows a network attacker to bypass secure boot and take control of a vulnerable Linux system. This vulnerability arises from Shim’s HTTP protocol handling, leading to an out-of-bounds write that could be exploited for remote code execution. Red Hat assesses the bug as ‘high severity,’ while the NIST advisory assigns it a CVSS score of 9.8. Attackers could intercept HTTP traffic to deliver malicious requests or manipulate PXE to load a vulnerable Shim bootloader, gaining privileged access to the system before the kernel is loaded. Resolving the vulnerability requires updating Shim to a patched version and refreshing the UEFI Secure Boot DBX revocation list. Additionally, five other high- and medium-severity vulnerabilities in Shim have been disclosed, posing risks such as crashes, denial-of-service, or data leakage during system boot.