CVE-2024-33619

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-33619
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33619.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-33619
Downstream
Related
Published
2024-06-21T11:15:09Z
Modified
2025-08-09T19:01:28Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

efi: libstub: only free priv.runtime_map when allocated

priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an uninitialized value to freepool. Free priv.runtimemap only when it was allocated.

This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.

References

Affected packages