Lucene search
K

25 matches found

Vulnrichment
Vulnrichment
added 2024/06/21 10:18 a.m.16 views

CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

6.8AI score0.00239EPSS
Exploits0References4
CVE
CVE
added 2024/06/21 10:18 a.m.82 views

CVE-2024-33619

The CVE-2024-33619 entry concerns a Linux kernel EFI handling bug in libstub: priv.runtime_map could be freed in an error path when it was never allocated (priv.runtime_map is only allocated if efi_novamap is not set; otherwise it is uninitialized). The fix is to Free priv.runtime_map only when i...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/06/25 12:5 a.m.14 views

GSD-2021-1000792 efi/libstub: prevent read overflow in find_file_option()

efi/libstub: prevent read overflow in findfileoption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

7.4AI score
Exploits0
OSV
OSV
added 2021/06/25 12:5 a.m.9 views

UVI-2021-1000792 efi/libstub: prevent read overflow in find_file_option()

efi/libstub: prevent read overflow in findfileoption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

7.4AI score
Exploits0
OSV
OSV
added 2021/06/25 12:3 a.m.8 views

GSD-2021-1000763 efi/libstub: prevent read overflow in find_file_option()

efi/libstub: prevent read overflow in findfileoption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.43 by commit...

7.4AI score
Exploits0
Rows per page
Query Builder