Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-26843

MEDIUM6.0

efi: runtime: Fix potential overflow of soft-reserved region size

Published Apr 17, 2024

Modified 7 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

efi: runtime: Fix potential overflow of soft-reserved region size

md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region.

References

WEBhttps://git.kernel.org/stable/c/156cb12ffdcf33883304f0db645e1eadae712fe0 WEBhttps://git.kernel.org/stable/c/4aa36b62c3eaa869860bf78b1146e9f2b5f782a9 WEBhttps://git.kernel.org/stable/c/4fff3d735baea104017f2e3c245e27cdc79f2426 WEBhttps://git.kernel.org/stable/c/700c3f642c32721f246e09d3a9511acf40ae42be WEBhttps://git.kernel.org/stable/c/cf3d6813601fe496de7f023435e31bfffa74ae70 WEBhttps://git.kernel.org/stable/c/de1034b38a346ef6be25fe8792f5d1e0684d5ff4 WEBhttps://lists.debian.org/debian-lts-announce/2024/06/msg00017.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-26843

CVSS Analysis

CVSS v3.1

6.0

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

HighA:H

6/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

Ecosystems

Timeline

PublishedApr 17, 2024

ModifiedMay 21, 2025

CVE-2024-26843 | Mondoo Vulnerability Intelligence