CVE-2024-53104

CVSS v3.1

7.8

High

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel's USB Video Class driver can lead to out-of-bounds writes, allowing an attacker to escalate privileges or execute arbitrary code. The vulnerability is caused by incorrect parsing of an undefined frame type in the uvc parse format function. This can be exploited by an attacker who can influence the format of video streams captured by a system's USB video device.

Recommendations To resolve the issue, update the Linux kernel to the latest version that includes the fix for this vulnerability. Additionally, consider disabling or restricting the use of the vulnerable USB Video Class driver until a patch is available. Avoid using unknown or untrusted USB devices, and use trusted charging only to minimize the risk of exploitation.

Exploit

Fix

LPE

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

ALSA-2025:1230

ALSA-2025:1262

ALSA-2025:1266

ALT-PU-2024-17891

ALT-PU-2025-12647

ASB-A-378455392

BDU:2025-01147

CESA-2025_1230

CESA-2025_1266

CESA-2025_1657

CVE-2024-53104

DLA-4008-1

DLA-4075-1

INFSA-2025_1230

INFSA-2025_1262

INFSA-2025_1266

LSN-0110-1

OESA-2024-2533

OESA-2024-2534

OESA-2024-2535

OESA-2024-2536

OESA-2024-2537

OPENSUSE-SU-2024_4314-1

OPENSUSE-SU-2024_4315-1

OPENSUSE-SU-2024_4316-1

OPENSUSE-SU-2024_4376-1

OPENSUSE-SU-2025_0517-1

OPENSUSE-SU-2025_0517-2

OPENSUSE-SU-2025_0556-1

OPENSUSE-SU-2025_0576-1

OPENSUSE-SU-2025_0577-1

OPENSUSE-SU-2025_0650-1

OPENSUSE-SU-2025_0652-1

OPENSUSE-SU-2025_0656-1

OPENSUSE-SU-2025_0662-1

OPENSUSE-SU-2025_0669-1

OPENSUSE-SU-2025_0681-1

OPENSUSE-SU-2025_0687-1

OPENSUSE-SU-2025_0698-1

OPENSUSE-SU-2025_0703-1

OPENSUSE-SU-2025_0704-1

OPENSUSE-SU-2025_0707-1

OPENSUSE-SU-2025_0708-1

OPENSUSE-SU-2025_0709-1

OPENSUSE-SU-2025_0713-1

OPENSUSE-SU-2025_0771-1

RHSA-2025:1230

RHSA-2025:1231

RHSA-2025:1253

RHSA-2025:1254

RHSA-2025:1262

RHSA-2025:1264

RHSA-2025:1266

RHSA-2025:1267

RHSA-2025:1268

RHSA-2025:1269

RHSA-2025:1270

RHSA-2025:1278

RHSA-2025:1280

RHSA-2025:1281

RHSA-2025:1282

RHSA-2025:1291

RHSA-2025:1347

RHSA-2025:1374

RHSA-2025:1433

RHSA-2025:1434

RHSA-2025:1437

RHSA-2025:1657

RHSA-2025:1662

RHSA-2025:1663

RHSA-2025:1680

RHSA-2025:8137

RHSA-2025_1230

RHSA-2025_1262

RHSA-2025_1266

RLSA-2025:1230

RLSA-2025:1266

RXSA-2025:1262

SUSE-SU-2024:4314-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4367-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:0035-1

SUSE-SU-2025:0555-1

SUSE-SU-2025:0556-1

SUSE-SU-2025:0576-1

SUSE-SU-2025:0577-1

SUSE-SU-2025:0577-2

SUSE-SU-2025:0603-1

SUSE-SU-2025:0643-1

SUSE-SU-2025:0645-1

SUSE-SU-2025:0650-1

SUSE-SU-2025:0652-1

SUSE-SU-2025:0656-1

SUSE-SU-2025:0662-1

SUSE-SU-2025:0667-1

SUSE-SU-2025:0669-1

SUSE-SU-2025:0681-1

SUSE-SU-2025:0687-1

SUSE-SU-2025:0698-1

SUSE-SU-2025:0703-1

SUSE-SU-2025:0704-1

SUSE-SU-2025:0707-1

SUSE-SU-2025:0708-1

SUSE-SU-2025:0709-1

SUSE-SU-2025:0713-1

SUSE-SU-2025:0771-1

SUSE-SU-2025:0867-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20186-1

SUSE-SU-2025:20188-1

SUSE-SU-2025:20189-1

SUSE-SU-2025:20191-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

SUSE-SU-2025:20285-1

SUSE-SU-2025:4123-1

SUSE-SU-2025_0517-1

SUSE-SU-2025_0517-2

SUSE-SU-2025_0577-1

SUSE-SU-2025_0577-2

USN-7276-1

USN-7277-1

USN-7288-1

USN-7288-2

USN-7289-1

USN-7289-2

USN-7289-3

USN-7289-4

USN-7291-1

USN-7293-1

USN-7294-1

USN-7294-2

USN-7294-3

USN-7294-4

USN-7295-1

USN-7305-1

USN-7308-1

USN-7310-1

USN-7324-1

USN-7325-1

USN-7325-2

USN-7325-3

USN-7326-1

USN-7331-1

USN-7332-1

USN-7332-2

USN-7332-3

USN-7342-1

USN-7344-1

USN-7344-2

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7388-1

USN-7389-1

USN-7390-1

USN-7393-1

USN-7401-1

USN-7403-1

USN-7413-1

USN-7458-1

USN-7468-1

USN-7539-1

USN-7540-1

USN-7720-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2024-53104

Weakness Enumeration

Related Identifiers

Affected Products

References · 3310