VYPR
Medium severity5.5NVD Advisory· Published May 17, 2024· Updated Jun 17, 2026

CVE-2024-27413

CVE-2024-27413

Description

In the Linux kernel, the following vulnerability has been resolved:

efi/capsule-loader: fix incorrect allocation size

gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t:

drivers/firmware/efi/capsule-loader.c: In function 'efi_capsule_open': drivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size '4' for type 'phys_addr_t' {aka 'long long unsigned int'} with size '8' [-Werror=alloc-size] 295 | cap_info->phys = kzalloc(sizeof(void *), GFP_KERNEL); | ^

Use the correct type instead here.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

219

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.