CVE-2023-40238 — MEDIUM (5.5)

Q: How severe is CVE-2023-40238?

CVE-2023-40238 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-40238?

Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Esprimo D556\/2 Firmware, Fujitsu Esprimo D556\/2, Fujitsu Esprimo D6011 Firmware, Fujitsu Esprimo D6011, Fujitsu Esprimo D6012 Firmware.

Vulnerability Description

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address during the DXE phase of UEFI execution. This occurs because of an integer signedness error involving PixelHeight and PixelWidth during RLE4/RLE8 compression.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fujitsu	Esprimo D556\/2 Firmware	< 1.35.0
Fujitsu	Esprimo D556\/2	-
Fujitsu	Esprimo D6011 Firmware	< 1.31.0
Fujitsu	Esprimo D6011	-
Fujitsu	Esprimo D6012 Firmware	< 3.08.0
Fujitsu	Esprimo D6012	-
Fujitsu	Esprimo D7010 Firmware	< 1.64.0
Fujitsu	Esprimo D7010	-
Fujitsu	Esprimo D7010\/8 Firmware	< 1.64.0
Fujitsu	Esprimo D7010\/8	-
Fujitsu	Esprimo D7011 Firmware	< 1.31.0
Fujitsu	Esprimo D7011	-
Fujitsu	Esprimo D7012 Firmware	< 3.08.0
Fujitsu	Esprimo D7012	-
Fujitsu	Esprimo D7013 Firmware	< 3.08.0
Fujitsu	Esprimo D7013	-
Fujitsu	Esprimo D738 Firmware	< 1.38.0
Fujitsu	Esprimo D738	-
Fujitsu	Esprimo D757 Firmware	< 1.35.0
Fujitsu	Esprimo D757	-

Related Weaknesses (CWE)

CWE-312

References

https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_syExploit
https://security.netapp.com/advisory/ntap-20240105-0002/Third Party Advisory
https://www.insyde.com/security-pledgeVendor Advisory
https://www.insyde.com/security-pledge/SA-2023053Vendor Advisory
https://www.kb.cert.org/vuls/id/811862Third Party Advisory
https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_syExploit
https://security.netapp.com/advisory/ntap-20240105-0002/Third Party Advisory
https://www.insyde.com/security-pledgeVendor Advisory
https://www.insyde.com/security-pledge/SA-2023053Vendor Advisory
https://www.kb.cert.org/vuls/id/811862Third Party Advisory

FAQ

What is CVE-2023-40238?

CVE-2023-40238 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain...

How severe is CVE-2023-40238?

CVE-2023-40238 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-40238?

Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Esprimo D556\/2 Firmware, Fujitsu Esprimo D556\/2, Fujitsu Esprimo D6011 Firmware, Fujitsu Esprimo D6011, Fujitsu Esprimo D6012 Firmware.