Package shim updated to version 15-alt1.M80P.1 for branch p8 in task 211421.

Published: 2014-11-04

BDU:2015-06431

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-11-04

BDU:2015-06533

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-11-04

BDU:2015-06534

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-11-04

BDU:2015-06535

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-11-04

BDU:2015-06536

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-10-22
Modified: 2025-04-12

CVE-2014-3675

Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Published: 2014-10-22
Modified: 2025-04-12

CVE-2014-3676

Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Published: 2014-10-22
Modified: 2025-04-12

CVE-2014-3677

Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Version: 2.1.2

Package shim update in p8 on 2018-09-10

ALT-PU-2018-2301-1

Closed vulnerabilities

BDU:2015-06431

BDU:2015-06533

BDU:2015-06534

BDU:2015-06535

BDU:2015-06536

CVE-2014-3675

CVE-2014-3676

CVE-2014-3677