CVE-2024-35848

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-35848

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35848.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-35848

Downstream

BELL-CVE-2024-35848

DEBIAN-CVE-2024-35848

DLA-3843-1

DSA-5703-1

OESA-2024-1680

OESA-2024-1682

OESA-2024-1960

RHSA-2024:5363

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-35848

USN-6949-1

USN-6949-2

USN-6950-1

USN-6950-2

USN-6950-3

USN-6950-4

USN-6952-1

USN-6952-2

USN-6955-1

USN-6956-1

USN-6957-1

USN-7019-1

USN-7088-1

USN-7088-2

USN-7088-3

USN-7088-4

USN-7088-5

USN-7119-1

Related

Published

2024-05-17T15:15:21Z

Modified

2025-08-09T19:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

eeprom: at24: fix memory corruption race condition

If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem device after the teardown, it will reference invalid memory.

Move the failure point before registering the nvmem device.

References

Affected packages