Vulnerability identifier: #VU93470

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27413

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

---

External links
http://git.kernel.org/stable/c/00cf21ac526011a29fc708f8912da446fac19f7b
http://git.kernel.org/stable/c/950d4d74d311a18baed6878dbfba8180d7e5dddd
http://git.kernel.org/stable/c/537e3f49dbe88881a6f0752beaa596942d9efd64
http://git.kernel.org/stable/c/4b73473c050a612fb4317831371073eda07c3050
http://git.kernel.org/stable/c/ddc547dd05a46720866c32022300f7376c40119f
http://git.kernel.org/stable/c/11aabd7487857b8e7d768fefb092f66dfde68492
http://git.kernel.org/stable/c/62a5dcd9bd3097e9813de62fa6f22815e84a0172
http://git.kernel.org/stable/c/fccfa646ef3628097d59f7d9c1a3e84d4b6bb45e
http://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
http://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.