PT-2024-35568 · Linux +10 · Linux Kernel +10
Benoit Sevens · Published 2024-11-07 · Updated 2025-07-15 · CVE-2024-53104
Severity: 7.8 High
Base vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to the fixed version
Description:
A vulnerability in the Linux kernel's USB Video Class driver can lead to out-of-bounds writes, allowing an attacker to escalate privileges or execute arbitrary code. The vulnerability is caused by incorrect parsing of an undefined frame type in the `uvc_parse_format` function. This can be exploited by an attacker who can influence the format of video streams captured by a system's USB video device.
Recommendations:
To resolve the issue, update the Linux kernel to the latest version that includes the fix for this vulnerability. Additionally, consider disabling or restricting the use of the vulnerable USB Video Class driver until a patch is available. Avoid using unknown or untrusted USB devices, and use trusted charging only to minimize the risk of exploitation.
Fix · LPE · Out of bounds Read · Memory Corruption