A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. CREATE(Triage):(User=admin) CVE-2023-40547 (https://nvd.nist.gov/vuln/detail/CVE-2023-40547)
