{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/rhel7els/vex/2023/cve-2023-40551-els_os-rhel7els.json"
      }
    ],
    "tracking": {
      "current_release_date": "2026-05-07T01:26:01Z",
      "generator": {
        "date": "2026-05-07T01:26:01Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2023-40551-ELS_OS-RHEL7ELS",
      "initial_release_date": "2023-01-01T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-01-01T00:00:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-20T09:24:32Z",
          "number": "2",
          "summary": "Official Publication"
        },
        {
          "date": "2026-05-07T01:26:01Z",
          "number": "3",
          "summary": "Update document"
        }
      ],
      "status": "final",
      "version": "3"
    },
    "title": "Security update on CVE-2023-40551"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux 7",
                "product": {
                  "name": "Red Hat Enterprise Linux 7",
                  "product_id": "Red-Hat-7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "shim-x64-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "shim-x64-0:15.8-2.el7.x86_64",
                  "product_id": "shim-x64-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/shim-x64@15.8-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mokutil-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "mokutil-0:15.8-2.el7.x86_64",
                  "product_id": "mokutil-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mokutil@15.8-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-ia32-0:15.8-2.el7.x86_64",
                "product": {
                  "name": "shim-ia32-0:15.8-2.el7.x86_64",
                  "product_id": "shim-ia32-0:15.8-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/shim-ia32@15.8-2.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat, Inc."
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/shim-x64@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/mokutil@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                "product": {
                  "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_id": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/shim-ia32@15.8-2.el7.tuxcare.els1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64"
        },
        "product_reference": "shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-x64-0:15.8-2.el7.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:shim-x64-0:15.8-2.el7.x86_64"
        },
        "product_reference": "shim-x64-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mokutil-0:15.8-2.el7.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:mokutil-0:15.8-2.el7.x86_64"
        },
        "product_reference": "mokutil-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "shim-ia32-0:15.8-2.el7.x86_64 as a component of Red Hat Enterprise Linux 7",
          "product_id": "Red-Hat-7:shim-ia32-0:15.8-2.el7.x86_64"
        },
        "product_reference": "shim-ia32-0:15.8-2.el7.x86_64",
        "relates_to_product_reference": "Red-Hat-7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-40551",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "Red-Hat-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Red-Hat-7:mokutil-0:15.8-2.el7.x86_64",
          "Red-Hat-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Red-Hat-7:shim-ia32-0:15.8-2.el7.x86_64",
          "Red-Hat-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
          "Red-Hat-7:shim-x64-0:15.8-2.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2023-40551"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1834",
          "url": "https://access.redhat.com/errata/RHSA-2024:1834"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1835",
          "url": "https://access.redhat.com/errata/RHSA-2024:1835"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1873",
          "url": "https://access.redhat.com/errata/RHSA-2024:1873"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1876",
          "url": "https://access.redhat.com/errata/RHSA-2024:1876"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1883",
          "url": "https://access.redhat.com/errata/RHSA-2024:1883"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1902",
          "url": "https://access.redhat.com/errata/RHSA-2024:1902"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1903",
          "url": "https://access.redhat.com/errata/RHSA-2024:1903"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:1959",
          "url": "https://access.redhat.com/errata/RHSA-2024:1959"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2024:2086",
          "url": "https://access.redhat.com/errata/RHSA-2024:2086"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-40551",
          "url": "https://access.redhat.com/security/cve/CVE-2023-40551"
        },
        {
          "category": "external",
          "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
          "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
        }
      ],
      "release_date": "2024-01-29T17:15:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "This flaw is an out-of-bounds read in shim’s MZ parser that can at worst cause a boot-time crash or limited memory disclosure; it has no integrity impact and there is no indication of code execution. Exploitation is local-only and requires high privileges to place a crafted MZ file, or to cause shim to process one, during boot (e.g., by modifying the EFI System Partition or controlling boot media), which already presumes administrative or physical control. In centrally imaged enterprise servers and cloud VMs where boot artifacts are fixed and not writable by standard users, the practical attack surface is minimal, so this can be safely deprioritized.",
          "product_ids": [
            "Red-Hat-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:mokutil-0:15.8-2.el7.x86_64",
            "Red-Hat-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:shim-ia32-0:15.8-2.el7.x86_64",
            "Red-Hat-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:shim-x64-0:15.8-2.el7.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red-Hat-7:mokutil-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:mokutil-0:15.8-2.el7.x86_64",
            "Red-Hat-7:shim-ia32-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:shim-ia32-0:15.8-2.el7.x86_64",
            "Red-Hat-7:shim-x64-0:15.8-2.el7.tuxcare.els1.x86_64",
            "Red-Hat-7:shim-x64-0:15.8-2.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}