This page summarises a bug in shim's code for retrieving files over HTTP and related protocols. The code sizes its receive buffer from the length given in the response header, but copies the received data using the length reported by the protocol's own metadata; when the two disagree, the copy runs past the end of the buffer, an out-of-bounds write. The fix adds a check that the data being copied does not exceed the allocated buffer. The bug was reported by Bill Demirkapi of the Microsoft Security Response Center and is tracked as CVE-2023-40547.
https://github.com/rhboot/shim/commit/0226b56513b2b8bd5fd281bce77c40c9bf07c66d
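The pattern described above, as an added, constructed example that is not shim's code and uses hypothetical names (`rx_buffer`, `rx_append_checked`, `rx_download`): the receive buffer is allocated from the header-reported content length, while each body chunk arrives with its own protocol-reported length. The unchecked variant trusts the chunk length and can write past the allocation; the checked variant refuses any chunk that would not fit, which is the shape of check the summary describes.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Constructed model of the bug pattern (hypothetical names, not shim's code).
 * The buffer is sized from the HTTP Content-Length header; each body chunk
 * carries a separate length from the transport protocol's metadata. */

enum rx_status { RX_OK = 0, RX_TOO_LONG = 1, RX_BAD_ARG = 2 };

struct rx_buffer {
    uint8_t *data;       /* allocated from the header-reported length */
    size_t   alloc;      /* bytes actually allocated */
    size_t   downloaded; /* bytes copied so far */
};

/* Allocate the buffer from the header value, as the text describes. */
int rx_buffer_init(struct rx_buffer *rb, size_t content_length)
{
    if (rb == NULL || content_length == 0) return RX_BAD_ARG;
    rb->data = calloc(content_length, 1);
    if (rb->data == NULL) return RX_BAD_ARG;
    rb->alloc = content_length;
    rb->downloaded = 0;
    return RX_OK;
}

void rx_buffer_free(struct rx_buffer *rb)
{
    free(rb->data);
    rb->data = NULL;
    rb->alloc = rb->downloaded = 0;
}

/* 'Before' pattern: copies body_len bytes taken from protocol metadata without
 * comparing it to the allocation. If body_len exceeds the remaining space this
 * writes out of bounds (undefined behaviour), so it is never called with such
 * input here; it is shown only for contrast with the checked version. */
void rx_append_unchecked(struct rx_buffer *rb, const uint8_t *body, size_t body_len)
{
    memcpy(rb->data + rb->downloaded, body, body_len);
    rb->downloaded += body_len;
}

/* 'After' pattern: reject a chunk that would overrun the allocation. The test is
 * written as a subtraction so the comparison itself cannot wrap around. */
int rx_append_checked(struct rx_buffer *rb, const uint8_t *body, size_t body_len)
{
    if (rb == NULL || body == NULL) return RX_BAD_ARG;
    if (rb->downloaded > rb->alloc) return RX_BAD_ARG;        /* corrupted state */
    if (body_len > rb->alloc - rb->downloaded) return RX_TOO_LONG;
    memcpy(rb->data + rb->downloaded, body, body_len);
    rb->downloaded += body_len;
    return RX_OK;
}

/* Drive a constructed exchange: the header promises content_length bytes, then
 * nchunks chunks arrive with the lengths in chunk_lens. Chunk bytes are filler.
 * Returns RX_OK only if every chunk fit; *total_out receives bytes accepted. */
int rx_download(size_t content_length, const size_t *chunk_lens, size_t nchunks,
                size_t *total_out)
{
    struct rx_buffer rb;
    int rc = rx_buffer_init(&rb, content_length);
    if (rc != RX_OK) return rc;
    for (size_t i = 0; i < nchunks && rc == RX_OK; i++) {
        size_t len = chunk_lens[i];
        uint8_t *body = malloc(len ? len : 1); /* constructed chunk payload */
        if (body == NULL) { rc = RX_BAD_ARG; break; }
        memset(body, 'A', len);
        rc = rx_append_checked(&rb, body, len);
        free(body);
    }
    if (total_out) *total_out = rb.downloaded;
    rx_buffer_free(&rb);
    return rc;
}

/* Header and protocol lengths agree: 10 + 6 == 16. */
int example_consistent(size_t *total_out)
{
    const size_t chunks[] = { 10, 6 };
    return rx_download(16, chunks, 2, total_out);
}

/* Header says 16 bytes, protocol delivers 17: second chunk must be refused. */
int example_mismatched(size_t *total_out)
{
    const size_t chunks[] = { 10, 7 };
    return rx_download(16, chunks, 2, total_out);
}

int main(void)
{
    size_t total = 0;
    printf("consistent: rc=%d total=%zu\n", example_consistent(&total), total);
    printf("mismatched: rc=%d total=%zu\n", example_mismatched(&total), total);
    return 0;
}
```

The check lives at the point where the two independently sourced lengths meet, the copy, rather than at the header parse; a header-side sanity check alone would not help, because the protocol-reported length is the one that decides how much is written.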