Security Advisory

CVE-2023-52893

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-21 06:10:33

Last updated 2026-05-11 19:35:00

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in gsmi. commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstore access layer") added a new get_variable call with attr=NULL, which triggers panic in gsmi.

← Browse all CVEs View on cve.org ↗