Bugzilla – Bug 1215103
VUL-0: CVE-2023-40551: shim: pe-relocate: Fix bounds check for MZ binaries
Last modified: 2024-07-12 09:30:19 UTC
CRD: 2023-12-12
Created attachment 871411 [details] shim commit CVE-2023-40551 from keybase
Created attachment 871511 [details] CVE-2023-40551 codes from keybase
embargo end was shifted again: CRD: 2024-01-23
is public https://github.com/rhboot/shim/releases/tag/15.8
This CVE was revealed on January 23, 2024 in a new shim-15.8 release. At the same time, a shim-15.8 update has been submitted to Factory. Please refer https://build.opensuse.org/request/show/1142576
(In reply to Tseng from comment #10) > This CVE was revealed on January 23, 2024 in a new shim-15.8 release. > At the same time, a shim-15.8 update has been submitted to Factory. Please > refer https://build.opensuse.org/request/show/1142576 I can't see the status of this build request, would it be possible for someone with access to let me know where this stands?
the shim 5.18 for SLE is in the build pipeline. As it needs to be signed by Microsoft, there are some additional steps required which take an unknown amount of time.
(In reply to Marcus Meissner from comment #14) > the shim 5.18 for SLE is in the build pipeline. > > As it needs to be signed by Microsoft, there are some additional steps > required which take an unknown amount of time. Hi Marcus, Should we expect another few weeks, or days?
review requests are in https://github.com/rhboot/shim-review/issues/393 https://github.com/rhboot/shim-review/issues/394 currently there's quite a bit of activity in the repo, but I would rather assume weeks instead of days
Hi Johannes, There was ongoing activity in both Github issues until about 2 weeks ago. Are we still awaiting further review from Microsoft?
We still wait for the community reviewers to review and approve. (until the issue has an "approved" label) Only after that we will go to MS for signing.
(In reply to Marcus Meissner from comment #18) > We still wait for the community reviewers to review and approve. (until the > issue has an "approved" label) > > Only after that we will go to MS for signing. I realize that this is a slow laborious process and we don't do it often. Is there any way that we can update customers on the progress publicly?
it's not a secret process. The customer can check the github issues linked above or we can communicate it to them
(In reply to Johannes Segitz from comment #20) > it's not a secret process. The customer can check the github issues linked > above or we can communicate it to them Thank you for asking within the github about what we're waiting on, it'd been 3 weeks since any updates were provided.
SUSE-SU-2024:1368-1: An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. Category: security (important) Bug References: 1198101, 1205588, 1205855, 1210382, 1213945, 1215098, 1215099, 1215100, 1215101, 1215102, 1215103, 1219460 CVE References: CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 Jira References: PED-922 Maintenance Incident: [SUSE:Maintenance:32617](https://smelt.suse.de/incident/32617/) Sources used: openSUSE Leap 15.3 (src): shim-15.8-150300.4.20.2, efitools-1.9.2-150300.7.3.1 openSUSE Leap Micro 5.3 (src): shim-15.8-150300.4.20.2 openSUSE Leap Micro 5.4 (src): shim-15.8-150300.4.20.2 openSUSE Leap 15.5 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro for Rancher 5.3 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro 5.3 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro for Rancher 5.4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro 5.4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro 5.5 (src): shim-15.8-150300.4.20.2 Basesystem Module 15-SP5 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): shim-15.8-150300.4.20.2 SUSE Manager Proxy 4.3 (src): shim-15.8-150300.4.20.2 SUSE Manager Retail Branch Server 4.3 (src): shim-15.8-150300.4.20.2 SUSE Manager Server 4.3 (src): shim-15.8-150300.4.20.2 SUSE Enterprise Storage 7.1 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro 5.1 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro 5.2 (src): shim-15.8-150300.4.20.2 SUSE Linux Enterprise Micro for Rancher 5.2 (src): shim-15.8-150300.4.20.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Thank you for the update! My customer is on SLES_SAP 15 SP2. Can it be published there as well?
We will work on 15-SP2, 12-SP5 shim updates now.
SUSE-SU-2024:1462-1: An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. Category: security (important) Bug References: 1198101, 1205588, 1205855, 1210382, 1213945, 1215098, 1215099, 1215100, 1215101, 1215102, 1215103, 1219460 CVE References: CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 Jira References: PED-922 Maintenance Incident: [SUSE:Maintenance:33581](https://smelt.suse.de/incident/33581/) Sources used: SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): shim-15.8-25.30.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): shim-15.8-25.30.1 SUSE Linux Enterprise Server 12 SP5 (src): shim-15.8-25.30.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1461-1: An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. Category: security (important) Bug References: 1198101, 1205588, 1205855, 1210382, 1213945, 1215098, 1215099, 1215100, 1215101, 1215102, 1215103, 1219460 CVE References: CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 Jira References: PED-922 Maintenance Incident: [SUSE:Maintenance:33579](https://smelt.suse.de/incident/33579/) Sources used: SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): shim-15.8-150100.3.38.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): shim-15.8-150100.3.38.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): shim-15.8-150100.3.38.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.