Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-35848HistoryMay 17, 2024 - 3:15 p.m.
CVE-2024-35848
2024-05-1715:15:21
Debian Security Bug Tracker
security-tracker.debian.org
3
linux kernel
eeprom device
vulnerability
memory corruption
race condition
In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem device after the teardown, it will reference invalid memory. Move the failure point before registering the nvmem device.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | <= 6.1.76-1 | linux_6.1.76-1_all.deb |
| Debian | 11 | all | linux | <= 5.10.209-2 | linux_5.10.209-2_all.deb |
| Debian | 10 | all | linux | < 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | < 6.8.9-1 | linux_6.8.9-1_all.deb |
| Debian | 13 | all | linux | <= 6.7.12-1 | linux_6.7.12-1_all.deb |
Related
cve
cve
CVE-2024-35848
2024-05-17 15:15:21
redhatcve
redhatcve
CVE-2024-35848
2024-05-18 01:08:07
cvelist
cvelist
CVE-2024-35848 eeprom: at24: fix memory corruption race condition
2024-05-17 14:47:26
ubuntucve
ubuntucve
CVE-2024-35848
2024-05-17 00:00:00
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.0%
Related for DEBIANCVE:CVE-2024-35848