In the Linux kernel, the following vulnerability has been resolved:
efi: libstub: only free priv.runtime_map when allocated
priv.runtime_map is only allocated when efi_novamap is not set.
Otherwise, it is an uninitialized value. In the error path, it is freed
unconditionally. Avoid passing an uninitialized value to free_pool.
Free priv.runtime_map only when it was allocated.
This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Nov 2024 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 12 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-06-21T10:18:05.007Z
Updated: 2024-12-19T08:54:58.418Z
Reserved: 2024-06-21T10:13:16.311Z
Link: CVE-2024-33619
Vulnrichment
Updated: 2024-08-02T02:36:04.107Z
NVD
Status : Awaiting Analysis
Published: 2024-06-21T11:15:09.767
Modified: 2024-11-21T09:17:15.430
Link: CVE-2024-33619
Redhat