{"id":"CVE-2024-33619","summary":"efi: libstub: only free priv.runtime_map when allocated","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nefi: libstub: only free priv.runtime_map when allocated\n\npriv.runtime_map is only allocated when efi_novamap is not set.\nOtherwise, it is an uninitialized value.  In the error path, it is freed\nunconditionally.  Avoid passing an uninitialized value to free_pool.\nFree priv.runtime_map only when it was allocated.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.","modified":"2026-04-02T10:49:19.333531Z","published":"2024-06-21T10:18:05.007Z","related":["MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:2372-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/33xxx/CVE-2024-33619.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/33xxx/CVE-2024-33619.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33619"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f80d26043af91ceb5036c478101c015edb9e7630"},{"fixed":"b8938d6f570f010a1dcdbfed3e5b5d3258c2a908"},{"fixed":"9dce01f386c9ce6990c0a83fa14b1c95330b037e"},{"fixed":"6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554"},{"fixed":"4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33619.json"}}],"schema_version":"1.7.5"}