PT-2024-35568 · Linux +10 · Linux Kernel +10

Benoit Sevens

·

Published

2024-11-07

·

Updated

2025-09-22

·

CVE-2024-53104

CVSS v3.1
7.8
VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version
Description A vulnerability in the Linux kernel's USB Video Class driver can lead to out-of-bounds writes, allowing an attacker to escalate privileges or execute arbitrary code. The vulnerability is caused by incorrect parsing of an undefined frame type in the 
uvc parse format
function. This can be exploited by an attacker who can influence the format of video streams captured by a system's USB video device.
Recommendations To resolve the issue, update the Linux kernel to the latest version that includes the fix for this vulnerability. Additionally, consider disabling or restricting the use of the vulnerable USB Video Class driver until a patch is available. Avoid using unknown or untrusted USB devices, and use trusted charging only to minimize the risk of exploitation.

Fix

LPE

Out of bounds Read

Memory Corruption

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALSA-2025:1230
ALSA-2025:1262
ALSA-2025:1266
ASB-A-378455392
BDU:2025-01147
CESA-2025_1230
CESA-2025_1266
CESA-2025_1657
CVE-2024-53104
DLA-4008-1
DLA-4075-1
INFSA-2025_1230
INFSA-2025_1262
INFSA-2025_1266
LSN-0110-1
OESA-2024-2533
OESA-2024-2534
OESA-2024-2535
OESA-2024-2536
OESA-2024-2537
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025_0517-1
OPENSUSE-SU-2025_0517-2
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0576-1
OPENSUSE-SU-2025_0577-1
OPENSUSE-SU-2025_0650-1
OPENSUSE-SU-2025_0652-1
OPENSUSE-SU-2025_0656-1
OPENSUSE-SU-2025_0662-1
OPENSUSE-SU-2025_0669-1
OPENSUSE-SU-2025_0681-1
OPENSUSE-SU-2025_0687-1
OPENSUSE-SU-2025_0698-1
OPENSUSE-SU-2025_0703-1
OPENSUSE-SU-2025_0704-1
OPENSUSE-SU-2025_0707-1
OPENSUSE-SU-2025_0708-1
OPENSUSE-SU-2025_0709-1
OPENSUSE-SU-2025_0713-1
OPENSUSE-SU-2025_0771-1
RHSA-2025:1230
RHSA-2025:1231
RHSA-2025:1253
RHSA-2025:1254
RHSA-2025:1262
RHSA-2025:1264
RHSA-2025:1266
RHSA-2025:1267
RHSA-2025:1268
RHSA-2025:1269
RHSA-2025:1270
RHSA-2025:1278
RHSA-2025:1280
RHSA-2025:1281
RHSA-2025:1282
RHSA-2025:1291
RHSA-2025:1347
RHSA-2025:1374
RHSA-2025:1433
RHSA-2025:1434
RHSA-2025:1437
RHSA-2025:1657
RHSA-2025:1662
RHSA-2025:1663
RHSA-2025:1680
RHSA-2025:8137
RHSA-2025_1230
RHSA-2025_1262
RHSA-2025_1266
RLSA-2025:1230
RLSA-2025:1266
RXSA-2025:1262
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:0555-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0576-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:0603-1
SUSE-SU-2025:0643-1
SUSE-SU-2025:0645-1
SUSE-SU-2025:0650-1
SUSE-SU-2025:0652-1
SUSE-SU-2025:0656-1
SUSE-SU-2025:0662-1
SUSE-SU-2025:0667-1
SUSE-SU-2025:0669-1
SUSE-SU-2025:0681-1
SUSE-SU-2025:0687-1
SUSE-SU-2025:0698-1
SUSE-SU-2025:0703-1
SUSE-SU-2025:0704-1
SUSE-SU-2025:0707-1
SUSE-SU-2025:0708-1
SUSE-SU-2025:0709-1
SUSE-SU-2025:0713-1
SUSE-SU-2025:0771-1
SUSE-SU-2025:0867-1
SUSE-SU-2025_0517-1
SUSE-SU-2025_0517-2
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-7276-1
USN-7277-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7305-1
USN-7308-1
USN-7310-1
USN-7324-1
USN-7325-1
USN-7325-2
USN-7325-3
USN-7326-1
USN-7331-1
USN-7332-1
USN-7332-2
USN-7332-3
USN-7342-1
USN-7344-1
USN-7344-2
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7393-1
USN-7401-1
USN-7403-1
USN-7413-1
USN-7458-1
USN-7468-1
USN-7539-1
USN-7540-1
USN-7720-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu