Security Advisory

CVE-2024-27413

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-17 11:50:53
Last updated 2026-05-23 15:42:38
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In function efi_capsule_open: drivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size 4 for type phys_addr_t {aka long long unsigned int} with size 8 [-Werror=alloc-size] 295 | cap_info->phys = kzalloc(sizeof(void *), GFP_KERNEL); | ^ Use the correct type instead here.