vulnerability

Debian: CVE-2024-35848: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	05/17/2024	06/04/2024	02/18/2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

05/17/2024

Added

06/04/2024

Modified

02/18/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

eeprom: at24: fix memory corruption race condition

If the eeprom is not accessible, an nvmem device will be registered, the
read will fail, and the device will be torn down. If another driver
accesses the nvmem device after the teardown, it will reference
invalid memory.

Move the failure point before registering the nvmem device.

Solution

debian-upgrade-linux

References

CVE-2024-35848
https://attackerkb.com/topics/CVE-2024-35848
DEBIAN-DSA-5703-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today