- Description
- A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address during the DXE phase of UEFI execution. This occurs because of an integer signedness error involving PixelHeight and PixelWidth during RLE4/RLE8 compression.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-312
- Hype score
- Not currently trending
The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware. #cybersecurity https://t.co/7Sr3OgM3if
@cybertzar
3 Dec 2024
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A prototype UEFI bootkit called 'Bootkitty' has been discovered. It was created as part of the South Korean academic program 'Best of the Best'. It exploits the LogoFAIL vulnerability (CVE-2023-40238) to bypass Secure Boot on Linux systems.
@arkady86
3 Dec 2024
63 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
The 'Bootkitty' Linux UEFI bootkit, a recently discovered malware, leverages the LogoFAIL vulnerability, also known as CVE-2023-40238, to target vulnerable firmware on computers. https://t.co/u3RzrN9eym
@VULNERAsecurity
2 Dec 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Discover the threat of BootKitty, a groundbreaking UEFI bootkit that targets Linux systems through the LogoFAIL vulnerability (CVE-2023-40238). Learn how this malware exploits weak UEFI firmware and what it means for your security. Read more here: https://t.co/eEvLgqzBKa
@trubetech
2 Dec 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
First Linux UEFI bootkit, Bootkitty, discovered! Exploits LogoFAIL vulnerability (CVE-2023-40238) affecting Acer, HP, Fujitsu & Lenovo. Proof-of-concept, but highlights growing UEFI threat. https://t.co/K9VHuac3Lm
@TLDRStories
2 Dec 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Alert: Bootkitty Bootkit Targets Linux via UEFI Vulnerability (CVE-2023-40238) Uncover the LogoFAIL vulnerability and #Bootkitty, the new UEFI bootkit targeting #Linux. Explore the impact of this emerging firmware-based threat. https://t.co/pzaBf1nnso
@the_yellow_fall
2 Dec 2024
207 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "789083DE-7DBF-4943-A1BE-B82472E6FA3A",
            "versionEndExcluding": "5.2.05.28.47",
            "versionStartIncluding": "5.2"
          },
          {
            "criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08AB501F-EF6C-42C2-996C-DDEF497A79BC",
            "versionEndExcluding": "5.3.05.37.47",
            "versionStartIncluding": "5.3"
          },
          {
            "criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8015F0C-512D-46B6-9FCA-3FC015D33F43",
            "versionEndExcluding": "5.4.05.45.47",
            "versionStartIncluding": "5.4"
          },
          {
            "criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16CCE808-25A8-4EBE-82D8-4CA1792FE198",
            "versionEndExcluding": "5.5.05.53.47",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "814A299E-F6E9-4A1A-A1AD-CC5E7E063FB8",
            "versionEndExcluding": "5.6.05.60.47",
            "versionStartIncluding": "5.6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]