Red Hat Security Advisory 2014-1801-01 - Shim is the initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. A heap-based buffer overflow flaw was found in the way shim parsed certain IPv6 addresses. If IPv6 network booting was enabled, a malicious server could supply a crafted IPv6 address that would cause shim to crash or, potentially, execute arbitrary code. An out-of-bounds memory write flaw was found in the way shim processed certain Machine Owner Keys. A local attacker could potentially use this flaw to execute arbitrary code on the system.
0171334d7aa257e314bc0281597d3f19bc1049a94ca6aa0907ff335730228390