CVE-2024-27413
Published: May 17, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In function 'efi_capsule_open': drivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size '4' for type 'phys_addr_t' {aka 'long long unsigned int'} with size '8' [-Werror=alloc-size] 295 | cap_info->phys = kzalloc(sizeof(void *), GFP_KERNEL); | ^ Use the correct type instead here.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected f24c4d478013d82bd1b943df566fff3561d52864 - < 00cf21ac526011a29fc708f8912da446fac19f7baffected f24c4d478013d82bd1b943df566fff3561d52864 - < 950d4d74d311a18baed6878dbfba8180d7e5ddddaffected f24c4d478013d82bd1b943df566fff3561d52864 - < 537e3f49dbe88881a6f0752beaa596942d9efd64affected f24c4d478013d82bd1b943df566fff3561d52864 - < 4b73473c050a612fb4317831371073eda07c3050affected f24c4d478013d82bd1b943df566fff3561d52864 - < ddc547dd05a46720866c32022300f7376c40119f+5 more versions |
Linux | Linux | affected 4.15unaffected 0 - < 4.15unaffected 4.19.309 - <= 4.19.*unaffected 5.4.271 - <= 5.4.*unaffected 5.10.212 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now