Lucene search

K
redhatcveRedhat.comRH:CVE-2024-35848
HistoryMay 18, 2024 - 1:08 a.m.

CVE-2024-35848

2024-05-1801:08:07
redhat.com
access.redhat.com
5
cve-2024-35848
linux kernel
eeprom
memory corruption
nvmem device
race condition
mitigation

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem device after the teardown, it will reference invalid memory. Move the failure point before registering the nvmem device.

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%