In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an uninitialized value to free_pool. Free priv.runtime_map only when it was allocated. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | <= 6.1.76-1 | linux_6.1.76-1_all.deb |
Debian | 11 | all | linux | < 5.10.209-2 | linux_5.10.209-2_all.deb |
Debian | 10 | all | linux | < 4.19.249-2 | linux_4.19.249-2_all.deb |
Debian | 999 | all | linux | < 6.9.7-1 | linux_6.9.7-1_all.deb |
Debian | 13 | all | linux | <= 6.8.12-1 | linux_6.8.12-1_all.deb |