Launchpad.net

CVE 2023-40550

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.

Related bugs and status

CVE-2023-40550 (Candidate) is related to these bugs:

Bug #2036604: Synchronous Exception when booting VMs via qemu-efi-aarch64

		In	Importance	Status
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	qemu (Ubuntu)	Undecided	Confirmed
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	autopkgtest (Ubuntu)	Undecided	Confirmed
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	cloud-images	Undecided	New
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	edk2 (Ubuntu)	High	Fix Released
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	edk2 (Debian)	Unknown	Fix Released
2036604	Synchronous Exception when booting VMs via qemu-efi-aarch64	shim (Ubuntu)	Undecided	Fix Released

Bug #2051151: Update to shim 15.8

		In	Importance	Status
2051151	Update to shim 15.8	shim (Ubuntu)	Undecided	Fix Released
2051151	Update to shim 15.8	shim-signed (Ubuntu)	Undecided	Fix Released
2051151	Update to shim 15.8	shim (Debian)	Unknown	Fix Released
2051151	Update to shim 15.8	shim (Ubuntu Mantic)	Undecided	Confirmed
2051151	Update to shim 15.8	shim-signed (Ubuntu Mantic)	Undecided	Confirmed
2051151	Update to shim 15.8	shim (Ubuntu Focal)	Undecided	Confirmed
2051151	Update to shim 15.8	shim-signed (Ubuntu Focal)	Undecided	Confirmed
2051151	Update to shim 15.8	shim (Ubuntu Noble)	Undecided	Fix Released
2051151	Update to shim 15.8	shim-signed (Ubuntu Noble)	Undecided	Fix Released
2051151	Update to shim 15.8	shim (Ubuntu Jammy)	Undecided	Confirmed
2051151	Update to shim 15.8	shim-signed (Ubuntu Jammy)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-40550

Related bugs and status

Related bugs

References