{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/vex/2023/cve-2023-40550-els_os-oraclelinux7els.json"
      }
    ],
    "tracking": {
      "current_release_date": "2026-05-07T01:25:45Z",
      "generator": {
        "date": "2026-05-07T01:25:45Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2023-40550-ELS_OS-ORACLELINUX7ELS",
      "initial_release_date": "2023-01-01T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-01-01T00:00:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-17T17:51:55Z",
          "number": "2",
          "summary": "Official Publication"
        },
        {
          "date": "2026-05-07T01:25:45Z",
          "number": "3",
          "summary": "Update document"
        }
      ],
      "status": "final",
      "version": "3"
    },
    "title": "Security update on CVE-2023-40550"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Oracle Linux 7",
                "product": {
                  "name": "Oracle Linux 7",
                  "product_id": "Oracle-Linux-7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Oracle Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mokutil-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "mokutil-0:15.8-2.el7.x86_64",
                  "product_id": "mokutil-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/oracle/mokutil@15.8-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-x64-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "shim-x64-0:15.8-2.el7.x86_64",
                  "product_id": "shim-x64-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/oracle/shim-x64@15.8-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-ia32-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "shim-ia32-0:15.8-2.el7.x86_64",
                  "product_id": "shim-ia32-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/oracle/shim-ia32@15.8-2.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/mokutil@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/shim-x64@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/shim-ia32@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mokutil-0:15.8-2.el7.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:mokutil-0:15.8-2.el7.x86_64"
        },
        "product_reference": "mokutil-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-x64-0:15.8-2.el7.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:shim-x64-0:15.8-2.el7.x86_64"
        },
        "product_reference": "shim-x64-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-ia32-0:15.8-2.el7.x86_64 as a component of Oracle Linux 7",
          "product_id": "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.x86_64"
        },
        "product_reference": "shim-ia32-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Oracle-Linux-7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-40550",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "Oracle-Linux-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Oracle-Linux-7:mokutil-0:15.8-2.el7.x86_64",
          "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.x86_64",
          "Oracle-Linux-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Oracle-Linux-7:shim-x64-0:15.8-2.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2023-40550"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1834",
          "url": "https://access.redhat.com/errata/RHSA-2024:1834"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1835",
          "url": "https://access.redhat.com/errata/RHSA-2024:1835"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1873",
          "url": "https://access.redhat.com/errata/RHSA-2024:1873"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1876",
          "url": "https://access.redhat.com/errata/RHSA-2024:1876"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1883",
          "url": "https://access.redhat.com/errata/RHSA-2024:1883"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1902",
          "url": "https://access.redhat.com/errata/RHSA-2024:1902"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1903",
          "url": "https://access.redhat.com/errata/RHSA-2024:1903"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1959",
          "url": "https://access.redhat.com/errata/RHSA-2024:1959"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:2086",
          "url": "https://access.redhat.com/errata/RHSA-2024:2086"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-40550",
          "url": "https://access.redhat.com/security/cve/CVE-2023-40550"
        },
        {
          "category": "external",
          "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
          "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
        }
      ],
      "release_date": "2024-01-29T17:15:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "CVE-2023-40550 is a local-only out-of-bounds read in shim’s SBAT parser that is reachable only during early UEFI boot when a specially crafted bootable PE/COFF binary is presented—practically requiring the ability to alter the EFI System Partition or to boot removable media. There is no demonstrated path to code execution, and maintainers note that the realistic outcome is a boot-time crash (DoS) rather than meaningful data disclosure, with no integrity impact and no availability impact beyond that momentary boot failure. In typical enterprise VM/server deployments where boot artifacts are centrally provisioned and physical console access is restricted, introducing such a crafted image is unlikely, so this issue can be safely deprioritized; environments where untrusted parties can write to the EFI System Partition or boot removable media should reassess that conclusion.",
          "product_ids": [
            "Oracle-Linux-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:mokutil-0:15.8-2.el7.x86_64",
            "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.x86_64",
            "Oracle-Linux-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:shim-x64-0:15.8-2.el7.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Oracle-Linux-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:mokutil-0:15.8-2.el7.x86_64",
            "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:shim-ia32-0:15.8-2.el7.x86_64",
            "Oracle-Linux-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Oracle-Linux-7:shim-x64-0:15.8-2.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}