Multiple cybersecurity organizations identified a vulnerability in Shim, a small application involved in the secure boot process of most Linux distributions (CVE-2023-40547). A NIST advisory rated the vulnerability as critical with a CVSS score of 9.8, and a Red Hat advisory rated the vulnerability as high with a CVSS score of 8.3. The flaw in Shim’s HTTP protocol handling could enable a network attacker to bypass secure boot, take over vulnerable Linux systems, and execute remote code. Eclypsium noted that an attacker on the same network could alter the reboot execution environment to load a compromised shim loader. This would allow an attacker to gain control of target systems before the machine is able to load the kernel and operating systems, along with their protective measures. Users can mitigate the vulnerability by updating Shim and the secure boot chain of trust to their patched versions.
Read More: