CVE-2024-35848
high
CVSS v3
β
CVSS v4 NEW
β
VIR risk
8.0
Description
Important: kernel security update
Predictions
Exploit likelihood
20%
Patch ETA
β
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Source: Red Hat Errata β Red Hat Inc. Β· View original β Β· Open-Errata-API
Description kernel: eeprom: at24: fix memory corruption race condition CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 9kernel-0:5.14.0-427.31.1.el9_4RHSA-2024:53632024-08-15T00:00:00Z Red Hat Enterprise Linux 9kernel-0:5.14.0-427.31.1.el9_4RHSA-2024:53632024-08-15T00:00:00Z Package stateβ¦
Description
kernel: eeprom: at24: fix memory corruption race condition
CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.31.1.el9_4 | RHSA-2024:5363 | 2024-08-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.31.1.el9_4 | RHSA-2024:5363 | 2024-08-15T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
| Red Hat Enterprise Linux 8 | kernel | Not affected |
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected |
| Red Hat Enterprise Linux 9 | kernel-rt | Affected |
Apply commands
Apply RHSA-2024:5363 for Red Hat Enterprise Linux 9
yum update -y kernel
# or:
dnf upgrade -y kernelAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 8 | Not affected |
| redhat | Red Hat Enterprise Linux 8 | Not affected |
| redhat | Red Hat Enterprise Linux 9 | Affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
AlmaLinux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | kernel-doc-5.14.0-427.31.1.el9_4.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 6.8.9-1 |
| sid | Fixed | 6.8.9-1 |
| forky | Fixed | 6.8.9-1 |
| bullseye | Fixed | 5.10.218-1 |
| bookworm | Fixed | 6.1.94-1 |
Red Hat Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
References
- https://access.redhat.com/errata/RHSA-2024:5363
- https://www.suse.com/security/cve/CVE-2024-35848.html
- https://errata.rockylinux.org/RLSA-2024:5363
- https://security-tracker.debian.org/tracker/CVE-2024-35848
- https://bugzilla.redhat.com/2265838
- https://bugzilla.redhat.com/2273405
- https://bugzilla.redhat.com/2275600
- https://bugzilla.redhat.com/2275655
- https://bugzilla.redhat.com/2275715
- https://bugzilla.redhat.com/2275748
- https://bugzilla.redhat.com/2278380
- https://bugzilla.redhat.com/2278417
- https://bugzilla.redhat.com/2278429
- https://bugzilla.redhat.com/2278519
- https://bugzilla.redhat.com/2278989
- https://bugzilla.redhat.com/2281057
- https://bugzilla.redhat.com/2281097
- https://bugzilla.redhat.com/2281133
- https://bugzilla.redhat.com/2281190
- https://bugzilla.redhat.com/2281237
- https://bugzilla.redhat.com/2281257
- https://bugzilla.redhat.com/2281265
- https://bugzilla.redhat.com/2281272
- https://bugzilla.redhat.com/2281639
- https://bugzilla.redhat.com/2281667
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.