A deep dive into the RCE via CVE 2023-50547, Studying the source code of `shim` (C)

In this video I will deep dive into the shim. We will see what it is and why it is present in most (if not all) GNU/Linux distros. Then we will review the recent Remote code execution found on it. We will understand the concept of "out of bound write" and then I will show you the C source code of shim and where it happens and how it is fixed. Um.. actually what I'm trying to show you is how you should step up your programming skillz from someone who knows C to someone who understand how to fix a severe security issue in the Linux boot process

00:00 - RCE in Shim
01:53 - What is shim
04:45 - what is HTTP Boot
07:20 - CVE 2023-40547, out of bound write
10:10 - HTTP Headers and shim source code in c

Видео A deep dive into the RCE via CVE 2023-50547, Studying the source code of `shim` (C) канала Jadi