Description

In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed when cleaning up after a failure, so pass this instead to free_pool().

INFO

Published Date :

2024-12-27T14:23:16.231Z

Last Modified :

2025-05-04T09:58:40.379Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-56573 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-56573.

URL Resource
https://git.kernel.org/stable/c/06d39d79cbd5a91a33707951ebf2512d0e759847 cve-icon cve-icon
https://git.kernel.org/stable/c/d173aee5709bd0994d216d60589ec67f8b11376a cve-icon cve-icon
https://git.kernel.org/stable/c/eaafbcf0a5782ae412ca7de12ef83fc48ccea4cf cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024122717-CVE-2024-56573-f5d2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-56573 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-56573 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact