#Cybersecurity#vulnerability#malware#security#software
  • Home
  • Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

Author : ArmCoding
08-02-2024
Share
Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances.

Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been credited with discovering and reporting the bug.

Major Linux distributions that use shim such as DebianRed HatSUSE, and Ubuntu have all released advisories for the security flaw.

Demirkapi, in a post shared on X (formerly Twitter) late last month, said the vulnerability “exists in every Linux boot loader signed in the past decade.”

shim refers to a “trivial” software package that’s designed to work as a first-stage boot loader on Unified Extensible Firmware Interface (UEFI) systems.

That said, obtaining the ability to execute code during the boot process – which occurs before the main operating system starts – grants the attacker carte blanche access to deploy stealthy bootkits that can give near-total control over the compromised host.

The five other vulnerabilities fixed in shim version 15.8 are below –

  • CVE-2023-40546 (CVSS score: 5.3) – Out-of-bounds read when printing error messages, resulting in a denial-of-service (DoS) condition
  • CVE-2023-40548 (CVSS score: 7.4) – Buffer overflow in shim when compiled for 32-bit processors that can lead to a crash or data integrity issues during the boot phase
  • CVE-2023-40549 (CVSS score: 5.5) – Out-of-bounds read in the authenticode function that could permit an attacker to trigger a DoS by providing a malformed binary
  • CVE-2023-40550 (CVSS score: 5.5) – Out-of-bounds read when validating Secure Boot Advanced Targeting (SBAT) information that could result in information disclosure
  • CVE-2023-40551 (CVSS score: 7.1) – Out-of-bounds read when parsing MZ binaries, leading to a crash or possible exposure of sensitive data

“An attacker exploiting this vulnerability gains control of the system before the kernel is loaded, which means they have privileged access and the ability to circumvent any controls implemented by the kernel and operating system,” Eclypsium noted.

 

Source: https://thehackernews.com/

#Crime#CVE#Cybersecurity#google#Hacker#security#software#vulnerability
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
  • 31-05-2024
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
  • 31-05-2024
BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?
BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?
  • 30-05-2024
Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud
Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud
  • 30-05-2024
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
  • 29-05-2024
TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks
TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks
  • 29-05-2024
4th Zero-Day Exploit Discovered in May 2024
4th Zero-Day Exploit Discovered in May 2024
  • 27-05-2024
Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
  • 27-05-2024
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
  • 24-05-2024