Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2023-40547

created 4 months, 3 weeks ago

Shim: rce in http boot support may lead to secure boot bypass

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise.

Affected products

shim

*
==15.8
==15.8-1.el7

shim-signed

*

shim-unsigned-x64

*

shim-unsigned-aarch64

*

Matching in nixpkgs

pkgs.yoshimi

High quality software synthesizer based on ZynAddSubFX

nixos-unstable -
- nixpkgs-unstable 2.3.4.1

pkgs.epoll-shim

Small epoll implementation using kqueue

nixos-unstable -
- nixpkgs-unstable 0.0.20240608

pkgs.libudev0-shim

Shim to preserve libudev.so.0 compatibility

nixos-unstable -
- nixpkgs-unstable 1

pkgs.plex-mpv-shim

Allows casting of videos to MPV via the Plex mobile and web app

nixos-unstable -
- nixpkgs-unstable 1.11.0

pkgs.shim-unsigned

UEFI shim loader

nixos-unstable -
- nixpkgs-unstable 16.1

pkgs.doas-sudo-shim

Shim for the sudo command that utilizes doas

nixos-unstable -
- nixpkgs-unstable 0.1.2

pkgs.rshim-user-space

User-space rshim driver for the BlueField SoC

nixos-unstable -
- nixpkgs-unstable 2.4.4

pkgs.jellyfin-mpv-shim

Allows casting of videos to MPV via the jellyfin mobile and web app

nixos-unstable -
- nixpkgs-unstable 2.9.0

pkgs.mpv-shim-default-shaders

Preconfigured set of MPV shaders and configurations for MPV Shim media clients

nixos-unstable -
- nixpkgs-unstable 2.1.0

pkgs.python312Packages.shimmy

API conversion tool for popular external reinforcement learning environments

nixos-unstable -
- nixpkgs-unstable 2.0.0

pkgs.pantheon.elementary-print-shim

Simple shim for printing support via Contractor

nixos-unstable -
- nixpkgs-unstable 0.1.3

pkgs.python312Packages.notebook-shim

Switch frontends to Jupyter Server

nixos-unstable -
- nixpkgs-unstable 0.2.4

pkgs.python313Packages.notebook-shim

Switch frontends to Jupyter Server

nixos-unstable -
- nixpkgs-unstable 0.2.4

pkgs.python312Packages.pytz-deprecation-shim

Shims to make deprecation of pytz easier

nixos-unstable -
- nixpkgs-unstable 0.1.0.post0

pkgs.python313Packages.pytz-deprecation-shim

Shims to make deprecation of pytz easier

nixos-unstable -
- nixpkgs-unstable 0.1.0.post0

Package maintainers

@dani0854 Danil Suetin <suetin085+nixpkgs@protonmail.com>
@wegank Weijia Wang <contact@weijia.wang>
@jojosch Johannes Schleifenbaum <johannes@js-webcoding.de>
@devusb Morgan Helton <mhelton@devusb.us>
@davidak David Kleuker <post@davidak.de>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@dotlambda Robert Schütz <rschuetz17@gmail.com>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@thillux Markus Theil <theil.markus@gmail.com>
@baloo Arthur Gautier <nixpkgs@superbaloo.net>
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>