PT-2024-17842 · Edk2+10 · Edk2+10

Binarly

Published

2024-05-17

Updated

2025-11-28

CVE-2024-1298

CVSS v3.1

6.0

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions EDK2 (affected versions not specified)

Description The issue arises when S3 sleep is activated, allowing an attacker to cause a Division-By-Zero due to a UINT32 overflow via local access. This can lead to a loss of Availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

ALSA-2024:5297

ALSA-2024:9088

AZL-42336

AZL-42337

AZL-42346

BDU:2025-12007

CESA-2024_5297

CVE-2024-1298

DLA-4207-1

GHSA-CHFW-XJ8F-6M53

INFSA-2024_5297

INFSA-2024_9088

OESA-2024-1752

OPENSUSE-SU-2024_4088-1

OPENSUSE-SU-2024_4357-1

OPENSUSE-SU-2025_0503-1

RHSA-2024:4747

RHSA-2024:5297

RHSA-2024:5623

RHSA-2024:9088

RHSA-2024_5297

RHSA-2024_9088

RLSA-2024:9088

SUSE-SU-2024:4088-1

SUSE-SU-2024:4357-1

SUSE-SU-2024_4088-1

SUSE-SU-2025:02516-1

SUSE-SU-2025:0503-1

SUSE-SU-2025_02516-1

SUSE-SU-2025_0503-1

USN-7894-1

USN-7894-2

Affected Products

Almalinux

Astra Linux

Centos

Debian

Edk2

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-17842 · Edk2+10 · Edk2+10

CVE-2024-1298

Weakness Enumeration

Related Identifiers

Affected Products

References · 130