CVE-2024-33619
MEDIUMLinux Kernel 6.1-6.1.92, 6.2-6.6.32, 6.7-6.9.3 - Use-After-Free in EFI Runtime Map Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an uninitialized value to free_pool. Free priv.runtime_map only when it was allocated. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.
References (4)
Core 4
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908
Mailing List, Patch
https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e
Mailing List, Patch
https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554
Mailing List, Patch
https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974
Scores
CVSS v3
5.5
EPSS
0.0024
EPSS Percentile
14.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-908
Status
published
Products (14)
linux/Kernel
6.1.0 - 6.1.93linux
linux/Kernel
6.2.0 - 6.6.33linux
linux/Kernel
6.7.0 - 6.9.4linux
Linux/Linux
< 6.1
Linux/Linux
6.1
Linux/Linux
6.1.93 - 6.1.*
Linux/Linux
6.10
Linux/Linux
6.6.33 - 6.6.*
Linux/Linux
6.9.4 - 6.9.*
Linux/Linux
f80d26043af91ceb5036c478101c015edb9e7630 - 4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974
... and 4 more
Published
Jun 21, 2024
Tracked Since
Feb 18, 2026