Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format can lead to out of bounds writes
CVE-2024-53104
What is CVE-2024-53104?
CVE-2024-53104 is a significant vulnerability in the Linux kernel, specifically affecting the USB Video Class (UVC) driver. The core issue is improper handling of frames classified as UVC_VS_UNDEFINED in the uvc_parse_format function. Frames of this type are not taken into account when the size of the frame buffer is calculated, so parsing them instead of skipping them can lead to out-of-bounds writes. This flaw puts systems at risk of memory corruption, allowing attackers to influence kernel memory behavior. Consequently, this vulnerability may enable privilege escalation, where an attacker gains unauthorized access to system controls or sensitive data, potentially leading to further exploits or system instability. Given the critical role of the Linux kernel in managing system resources and facilitating hardware interaction, this vulnerability poses a notable threat to organizations relying on Linux-based environments to support various applications and services.
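The size/parse mismatch described above, as an added example that is not code from this page or from the kernel: a simplified user-space model in which one pass sizes the frame array and a second pass fills it. The function names, the skip_undefined switch and the sample bytes are assumptions made for illustration; only the descriptor constants come from the USB and UVC specifications.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Descriptor type and VideoStreaming subtype values (USB / UVC specs). */
#define USB_DT_CS_INTERFACE       0x24
#define UVC_VS_UNDEFINED          0x00
#define UVC_VS_FRAME_UNCOMPRESSED 0x05
#define UVC_VS_FRAME_MJPEG        0x07
#define UVC_VS_FRAME_FRAME_BASED  0x11

/* Pass 1 (sizing): only descriptors with a known frame subtype are counted. */
size_t count_frames(const uint8_t *buf, size_t len)
{
    size_t n = 0;
    while (len > 2 && buf[0] >= 3 && buf[0] <= len) {
        if (buf[1] == USB_DT_CS_INTERFACE &&
            (buf[2] == UVC_VS_FRAME_UNCOMPRESSED ||
             buf[2] == UVC_VS_FRAME_MJPEG ||
             buf[2] == UVC_VS_FRAME_FRAME_BASED))
            n++;
        len -= buf[0];
        buf += buf[0];
    }
    return n;
}

/* Pass 2 (parsing): how many frame slots would be filled for a format whose
 * expected frame subtype is ftype. skip_undefined = 1 models the fix in the
 * page title: do not parse frames when ftype is UVC_VS_UNDEFINED. */
size_t frames_parsed(const uint8_t *buf, size_t len, uint8_t ftype, int skip_undefined)
{
    size_t n = 0;
    if (skip_undefined && ftype == UVC_VS_UNDEFINED)
        return 0;
    while (len > 2 && buf[0] >= 3 && buf[0] <= len &&
           buf[1] == USB_DT_CS_INTERFACE && buf[2] == ftype) {
        n++;
        len -= buf[0];
        buf += buf[0];
    }
    return n;
}

/* Constructed sample: three minimal class-specific descriptors of subtype 0. */
static const uint8_t sample[] = { 3, 0x24, 0x00, 3, 0x24, 0x00, 3, 0x24, 0x00 };

int main(void)
{
    printf("slots sized: %zu\n", count_frames(sample, sizeof sample));
    printf("parsed without check: %zu\n", frames_parsed(sample, sizeof sample, UVC_VS_UNDEFINED, 0));
    printf("parsed with check: %zu\n", frames_parsed(sample, sizeof sample, UVC_VS_UNDEFINED, 1));
    return 0;
}
```

Whenever the second pass reports more frames than the first pass sized, the real parser would be writing past the end of its allocation; with the check in place the two counts agree.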
Potential impact of CVE-2024-53104
- Privilege Escalation: Successful exploitation of this vulnerability could allow attackers to gain elevated privileges on the affected system, potentially leading to unauthorized access to critical system functions and sensitive information.
- System Instability: The improper memory management resulting from out-of-bounds writes can cause system crashes or unexpected behavior, undermining the reliability of the services provided by the affected systems.
- Arbitrary Code Execution: Attackers may leverage this vulnerability to execute malicious code within the kernel, providing them with control over the affected system and enabling further attacks on connected networks or applications.
CISA has reported CVE-2024-53104
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2024-53104 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Linux c0efd232929c2cd87238de2cccdaf4e845be5b0c < 95edf13a48e75dc2cc5b0bc57bf90d6948a22fe8
Linux c0efd232929c2cd87238de2cccdaf4e845be5b0c < 684022f81f128338fe3587ec967459669a1204ae
Linux c0efd232929c2cd87238de2cccdaf4e845be5b0c
News Articles

CISA Adds One Known Exploited Vulnerability to Catalog | CISA
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104 Linux Kernel Out-of-Bounds Write...

PoC Exploit Released for Actively Exploited Linux Kernel Out-Of-Bounds Write Vulnerability
A proof-of-concept (PoC) exploit has been released for a high-severity out-of-bounds write vulnerability in the Linux kernel, identified as CVE-2024-53104. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation.
Linux kernel flaw added to CISA's exploited vulnerabilities list
Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.
Timeline
- 🦅 CISA Reported
- 📈 Vulnerability started trending
- 👾 Exploit known to exist
- 📰 First article discovered by SecurityWeek
- Vulnerability published
- Vulnerability Reserved