CVE-2024-35800

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35800
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35800.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-35800
Downstream
Related
Published
2024-05-17T13:23:10.170Z
Modified
2025-11-28T02:35:38.347766Z
Summary
efi: fix panic in kdump kernel
Details

In the Linux kernel, the following vulnerability has been resolved:

efi: fix panic in kdump kernel

Check if getnextvariable() is actually valid pointer before calling it. In kdump kernel this method is set to NULL that causes panic during the kexec-ed kernel boot.

Tested with QEMU and OVMF firmware.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35800.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a8901f331b8b7f95a7315d033a22bc84c8365f35
Fixed
b9d103aca85f082a343b222493f3cab1219aaaf4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bad267f9e18f8e9e628abd1811d2899b1735a4e1
Fixed
9114ba9987506bcfbb454f6e68558d68cb1abbde
Fixed
7784135f134c13af17d9ffb39a57db8500bc60ff
Fixed
090d2b4515ade379cd592fbc8931344945978210
Fixed
62b71cd73d41ddac6b1760402bbe8c4932e23531

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.84
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.24
Type
ECOSYSTEM
Events
Introduced
6.3.0
Fixed
6.7.12
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.3