VDB
CISA-2024-33619
CISA-2024-33619
PUBLISHED
Reported by Linux · Published June 21, 2024
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an uninitialized value to free_pool. Free priv.runtime_map only when it was allocated. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | f80d26043af91ceb5036c478101c015edb9e7630, f80d26043af91ceb5036c478101c015edb9e7630, f80d26043af91ceb5036c478101c015edb9e7630 |
| Linux | Linux | 6.1, 0, 6.1.93 |
| linux | linux_kernel | 6.1, 6.1, 6.1 |
| Linux | Linux | f80d26043af91ceb5036c478101c015edb9e7630, f80d26043af91ceb5036c478101c015edb9e7630, 6.1 |
Timeline
- Jun 21, 2024 CVE Published
- May 4, 2025 CVE Updated