57 matches found
CVE-2026-53047
A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...
Linux Distros Unpatched Vulnerability : CVE-2026-53047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of...
CVE-2026-53047
CVE-2026-53047 affects the Linux kernel’s efi/capsule-loader. The vulnerability arises from a mis-sized allocation in __efi_capsule_setup_info(): the krealloc() for cap_info->phys uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t). This can produce an undersized allocation, inconsistent...
EUVD-2026-38915
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of sizeofphysaddrt, which might be causing an undersized allocation. The...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A issue was discovered in the Linux kernel through version 5.19.8. In the file drivers/firmware/efi/capsule-loader.c, there is a race condition that leads to a use-after-free situation...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: corrected incorrect allocation size gcc-14 notes that the allocation using sizeofvoid on 32-bit architectures is insufficient for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In the function...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006987)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006987 advisory. In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006819)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006819 advisory. In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001740)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001740 advisory. An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Tenable has...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414377)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414377 advisory. An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Tenable has...
EUVD-2022-43604
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-27413
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit...
The vulnerability of the efi/capsule-loader component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the efi/capsule-loader component in the Linux operating system is related to a memory corruption in the eficapsuleopen function. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
DEBIAN-CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
UBUNTU-CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...