VDB

CISA-2022-48879

CISA-2022-48879 PUBLISHED

Reported by Linux · Published August 21, 2024

In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in the unlikely event that EFI initialisation fails to avoid dereferencing a NULL pointer.

Affected Products

VendorProductVersions
LinuxLinux2ff3c97b47521d6700cc6485c7935908dcd2c27c, 5167f194da6947e19a3e970485ee3ccb44f7958d, 98086df8b70c06234a8f4290c46064e44dafa0ed
LinuxLinux5.9, 0, 4.19.270
linuxlinux_kernel4.19.142, 5.4.61, 5.9
LinuxLinux2ff3c97b47521d6700cc6485c7935908dcd2c27c, 98086df8b70c06234a8f4290c46064e44dafa0ed, 98086df8b70c06234a8f4290c46064e44dafa0ed

Timeline

  • Aug 21, 2024 CVE Published
  • May 4, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›