Linux developers have addressed a new security flaw discovered in Shim, a component crucial for the boot process in Linux-based systems.
This vulnerability poses a significant risk by allowing the installation of malware that operates at the firmware level, presenting challenges for detection and removal.
Shim functions as a critical element in the early boot phase before the operating system initializes and has been found vulnerable to remote code execution.
The flaw arises from the component's trust in attacker-controlled values during HTTP response parsing.
This weakness enables threat actors to craft malicious HTTP requests, ultimately leading to a complete system compromise through controlled out-of-bounds write operations.
Notably, exploitation of this vulnerability necessitates either a Man-in-the-Middle attack or compromise of the boot server, limiting its accessibility to attackers.
The urgency to address this critical issue prompted the release of Shim version 15.8 by its maintainers.
This update not only patches the aforementioned vulnerability but also addresses five additional security flaws.
The bug discovery and reporting have been credited to Bill Demirkapi from the Microsoft Security Response Center.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 08 Feb 2024 16:35:05 +0000