CVE-2014-3677

Опубликовано: 13 окт. 2014

Источник: redhat

CVSS2: 4.6

Описание

Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

An out-of-bounds memory write flaw was found in the way shim processed certain Machine Owner Keys (MOKs). A local attacker could potentially use this flaw to execute arbitrary code on the system.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1148232shim: memory corruption flaw when processing Machine Owner Keys (MOKs)

4.6 Medium

CVSS2

Связанные уязвимости

CVE-2014-3677

ubuntu

больше 11 лет назад

Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

CVE-2014-3677

nvd

больше 11 лет назад

Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

GHSA-mcwp-922h-789p

github

больше 3 лет назад

Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

ELSA-2014-1801

oracle-oval

больше 11 лет назад

ELSA-2014-1801: shim security update (MODERATE)

BDU:2015-06536

fstec

больше 11 лет назад

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

4.6 Medium

CVSS2