
Aditya Garg

#46378 of 53,635
5.5 Total CVSS
Vulnerabilities · 1
PT-2022-7532
5.5
2022-01-23
Linux · Linux Kernel · CVE-2022-48769
**Name of the Vulnerable Software and Affected Versions**

Linux kernel (affected versions not specified)

**Description**

The issue is related to the Linux kernel's use of EFIv2 runtime services on Apple x86 machines. A call to `QueryVariableInfo()`, which was added in EFI v2.00, can cause crashes in the firmware when using variable services at runtime. This is because Apple machines have only recently upgraded from EFI v1.10 to EFI v2.40 firmware, and Linux support for the newly introduced runtime services was added in 2011. `QueryVariableInfo()` is used to safely set variables, preventing machines with buggy firmwares from corrupting their NVRAMs when they run out of space.

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.