In the Linux kernel, the following vulnerability has been resolved:
gsmi: fix null-deref in gsmigetvariable
We can get EFI variables without fetching the attribute, so we must allow for that in gsmi.
commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstore access layer") added a new get_variable call with attr=NULL, which triggers panic in gsmi.