CVE-2022-28737

There is a possible overflow in handle_image() when shim loads and executes a crafted EFI executable. handle_image() trusts the SizeOfRawData field of each section header when copying section data into the image buffer, so a section whose declared raw size does not fit the allocated image is copied anyway. An attacker who can supply such an executable can use this to perform out-of-bounds writes into memory, and arbitrary code execution cannot be ruled out in that scenario. The issue is fixed in shim 15.6.
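The pattern behind this bug, shown as an added illustration that is not shim's own code: a loader that copies SizeOfRawData bytes per section to wherever the header points, next to the checks a hardened loader makes before touching either buffer (clamp the copy to the section's VirtualSize, as loaders normally do, then verify that the raw range lies inside the file and the mapped range inside the image, with the sums formed in 64 bits). The section header layout is the PE/COFF one; the loader functions, the 1 KiB "file" and 8 KiB image buffers, and the two sample headers are constructed for this example and come from no real binary.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* PE/COFF section header exactly as laid out in the file (40 bytes). */
typedef struct {
    char     Name[8];
    uint32_t VirtualSize;
    uint32_t VirtualAddress;
    uint32_t SizeOfRawData;
    uint32_t PointerToRawData;
    uint32_t PointerToRelocations;
    uint32_t PointerToLinenumbers;
    uint16_t NumberOfRelocations;
    uint16_t NumberOfLinenumbers;
    uint32_t Characteristics;
} pe_section_t;

/* Constructed sample headers for this example (not taken from any binary). */
const pe_section_t *sample_benign(void)
{
    /* 0x100 bytes of content padded to a 0x200-byte raw block at file
       offset 0x200, mapped at image offset 0x1000. */
    static const pe_section_t s = { .Name = ".text", .VirtualSize = 0x100,
        .VirtualAddress = 0x1000, .SizeOfRawData = 0x200, .PointerToRawData = 0x200 };
    return &s;
}

const pe_section_t *sample_crafted(void)
{
    /* Claims 64 KiB of raw data mapped 0x100 bytes before the end of an 8 KiB image. */
    static const pe_section_t s = { .Name = ".evil", .VirtualSize = 0x10000,
        .VirtualAddress = 0x1F00, .SizeOfRawData = 0x10000, .PointerToRawData = 0x200 };
    return &s;
}

/* How far a copy of SizeOfRawData bytes to VirtualAddress would run past an
   image buffer of image_size bytes (0 when it stays inside). The sum is formed
   in 64 bits so two 32-bit fields cannot wrap it back into range. */
uint64_t unchecked_overrun(const pe_section_t *s, size_t image_size)
{
    uint64_t end = (uint64_t)s->VirtualAddress + s->SizeOfRawData;
    return end > image_size ? end - image_size : 0;
}

/* Bytes a loader should copy: raw data is padded up to the file alignment,
   so anything beyond VirtualSize is padding, not section content. */
uint32_t copy_length(const pe_section_t *s)
{
    return s->SizeOfRawData < s->VirtualSize ? s->SizeOfRawData : s->VirtualSize;
}

/* The bytes to copy must lie inside the file, and the whole mapped range
   (copied bytes plus zero fill up to VirtualSize) must lie inside the image. */
bool section_is_safe(const pe_section_t *s, size_t file_size, size_t image_size)
{
    uint64_t raw_end = (uint64_t)s->PointerToRawData + copy_length(s);
    uint64_t map_end = (uint64_t)s->VirtualAddress + s->VirtualSize;
    return raw_end <= file_size && map_end <= image_size;
}

/* The vulnerable pattern: copy SizeOfRawData bytes wherever the header says.
   Shown for contrast only; it must never see an untrusted header. */
long load_section_unchecked(const pe_section_t *s, const uint8_t *file, uint8_t *image)
{
    memcpy(image + s->VirtualAddress, file + s->PointerToRawData, s->SizeOfRawData);
    return (long)s->SizeOfRawData;
}

/* Hardened counterpart: validate, copy only real content, zero the rest of
   the mapped range. Returns bytes copied, or -1 with the image untouched. */
long load_section_checked(const pe_section_t *s, const uint8_t *file,
                          size_t file_size, uint8_t *image, size_t image_size)
{
    if (!section_is_safe(s, file_size, image_size))
        return -1;
    uint32_t n = copy_length(s);
    memcpy(image + s->VirtualAddress, file + s->PointerToRawData, n);
    memset(image + s->VirtualAddress + n, 0, s->VirtualSize - n);
    return (long)n;
}

/* Run one header through either loader against constructed buffers: a 1 KiB
   "file" and an 8 KiB image. The unchecked path is only exercised with a
   header already proven to fit, so the demo itself never corrupts memory. */
long demo_load(const pe_section_t *s, bool checked)
{
    static uint8_t file[0x400];
    static uint8_t image[0x2000];
    memset(file, 0xAB, sizeof file);
    memset(image, 0, sizeof image);
    if (checked)
        return load_section_checked(s, file, sizeof file, image, sizeof image);
    if (unchecked_overrun(s, sizeof image) != 0 ||
        (uint64_t)s->PointerToRawData + s->SizeOfRawData > sizeof file)
        return -1;   /* refuse to demonstrate the actual out-of-bounds write */
    return load_section_unchecked(s, file, image);
}

int main(void)
{
    printf("benign : checked=%ld unchecked=%ld overrun=%llu\n",
           demo_load(sample_benign(), true), demo_load(sample_benign(), false),
           (unsigned long long)unchecked_overrun(sample_benign(), 0x2000));
    printf("crafted: checked=%ld, unchecked copy would write %llu bytes past the image\n",
           demo_load(sample_crafted(), true),
           (unsigned long long)unchecked_overrun(sample_crafted(), 0x2000));
    return 0;
}
```

The benign header loads 256 bytes through the checked path but 512 through the unchecked one, because the unchecked copy also drags in the alignment padding; the crafted header is rejected by section_is_safe() on the raw range alone, while an unchecked copy would have written 0xFF00 bytes beyond the 8 KiB image.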
CVSS 3.x Base Score

  Provider   Type      Base Score   Attack Vector   Attack Complexity   Privileges Required   Vector
  NIST       Primary   6.5 MEDIUM   LOCAL           LOW                 HIGH                  CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

EPSS Score: percentile 7%
Affected Products (NVD)

  Vendor   Product   Version
  redhat   shim      < 15.6 (vulnerable)
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.

  Vendor   Product   Version   Source
  redhat   shim      < 15.6    ADP
Debian Releases

  Codename   shim version     Status
  bookworm   15.8-1~deb12u1   fixed
  bullseye   15.8-1~deb11u1   fixed
  buster     -                no-dsa
  sid        15.8-1           fixed
  trixie     15.8-1           fixed

no-dsa: Debian's security tracker marks the issue as not warranting a Debian Security Advisory for that release; no fixed version is listed.
Ubuntu Releases

  Codename   shim fixed version   Status
  bionic     -                    pending
  focal      15.7-0ubuntu1        released
  impish     -                    ignored
  jammy      15.7-0ubuntu1        released
  kinetic    -                    ignored
  lunar      -                    not-affected
  mantic     -                    not-affected
  noble      -                    not-affected
  trusty     -                    ignored
  xenial     -                    ignored
Red Hat Enterprise Linux Releases

Every Red Hat entry on this page carries the status "fixed". The grub2 packages share one fixed build per release stream:

  Release stream                   Fixed grub2 build
  RHEL 8                           1:2.02-123.el8_6.8
  RHEL 8.1 E4S                     1:2.02-87.el8_1.10
  RHEL 8.2 AUS / E4S / EUS / TUS   1:2.02-87.el8_2.10
  RHEL 8.4 AUS / E4S / EUS / TUS   1:2.02-99.el8_4.9
  RHEL 8.6 AUS / E4S / EUS / TUS   1:2.02-123.el8_6.8
  RHEL 9                           1:2.06-27.el9_0.7

Release streams for which each grub2 package has a fixed build ("8.2", "8.4" and "8.6" each stand for all four of the AUS, E4S, EUS and TUS streams; "-" means no entry is listed for that stream):

  Package                  RHEL 8   8.1 E4S   8.2   8.4   8.6   RHEL 9
  grub2-common             yes      yes       yes   yes   yes   yes
  grub2-efi-aa64           yes      -         yes   yes   yes   yes
  grub2-efi-aa64-cdboot    yes      -         yes   yes   yes   yes
  grub2-efi-aa64-modules   yes      yes       yes   yes   yes   yes
  grub2-efi-ia32           yes      yes       yes   yes   yes   -
  grub2-efi-ia32-cdboot    yes      yes       yes   yes   yes   -
  grub2-efi-ia32-modules   yes      yes       yes   yes   yes   -
  grub2-efi-x64            yes      yes       yes   yes   yes   yes
  grub2-efi-x64-cdboot     yes      yes       yes   yes   yes   yes
  grub2-efi-x64-modules    yes      yes       yes   yes   yes   yes
  grub2-pc                 yes      yes       yes   yes   yes   yes
  grub2-pc-modules         yes      yes       yes   yes   yes   yes
  grub2-ppc64le            yes      yes       yes   yes   yes   yes
  grub2-ppc64le-modules    yes      yes       yes   yes   yes   yes
  grub2-tools              yes      yes       yes   yes   yes   yes
  grub2-tools-efi          yes      yes       yes   yes   yes   yes
  grub2-tools-extra        yes      yes       yes   yes   yes   yes
  grub2-tools-minimal      yes      yes       yes   yes   yes   yes

The shim packages themselves are fixed at 15.6:

  Package             RHEL 8         RHEL 9
  shim-aa64           0:15.6-1.el8   0:15.6-1.el9
  shim-ia32           0:15.6-1.el8   -
  shim-unsigned-x64   0:15.6-1.el8   0:15.6-1.el9
  shim-x64            0:15.6-1.el8   0:15.6-1.el9