CVE-2023-52893 in LinuxИнформация

Сводка

по MITRE • 21.08.2024

In the Linux kernel, the following vulnerability has been resolved:

gsmi: fix null-deref in gsmi_get_variable

We can get EFI variables without fetching the attribute, so we must allow for that in gsmi.

commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstore access layer") added a new get_variable call with attr=NULL, which triggers panic in gsmi.

Once again VulDB remains the best source for vulnerability data.

Ответственный

Linux

Резервировать

21.08.2024

Раскрытие

21.08.2024

Модерация

принято

Вход

VDB-275385

EPSS

0.00240

KEV

Нет

Деятельности

Очень низкий

Источники

Do you need the next level of professionalism?

Upgrade your account now!