Linux · Linux Kernel · CVE-2024-35848
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a memory corruption race condition in the at24 component of the Linux kernel. If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem device after the teardown, it will reference invalid memory. The problem can be resolved by moving the failure point before registering the nvmem device.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.