Описание
In the Linux kernel, the following vulnerability has been resolved:
efi/libstub: Free correct pointer on failure
cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack.
cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().
In the Linux kernel, the following vulnerability has been resolved:
efi/libstub: Free correct pointer on failure
cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack.
cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().
EPSS
CVE ID
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().
In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().
In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().
In the Linux kernel, the following vulnerability has been resolved: e ...
Уязвимость компонента drivers/firmware/efi/libstub ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS