Description

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.

INFO

Published Date :

2024-12-02T07:29:27.261Z

Last Modified :

2025-11-03T22:29:17.000Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53104 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Openshift
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Extras Rt Els
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53104.

URL Resource
https://access.redhat.com/articles/7107058 cve-icon
https://git.kernel.org/stable/c/1ee9d9122801eb688783acd07791f2906b87cb4f cve-icon cve-icon
https://git.kernel.org/stable/c/467d84dc78c9abf6b217ada22b3fdba336262e29 cve-icon cve-icon
https://git.kernel.org/stable/c/575a562f7a3ec2d54ff77ab6810e3fbceef2a91d cve-icon cve-icon
https://git.kernel.org/stable/c/622ad10aae5f5e03b7927ea95f7f32812f692bb5 cve-icon cve-icon
https://git.kernel.org/stable/c/684022f81f128338fe3587ec967459669a1204ae cve-icon cve-icon
https://git.kernel.org/stable/c/95edf13a48e75dc2cc5b0bc57bf90d6948a22fe8 cve-icon cve-icon
https://git.kernel.org/stable/c/beced2cb09b58c1243733f374c560a55382003d6 cve-icon cve-icon
https://git.kernel.org/stable/c/ecf2b43018da9579842c774b7f35dbe11b5c38dd cve-icon cve-icon
https://git.kernel.org/stable/c/faff5bbb2762c44ec7426037b3000e77a11d6773 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53104 cve-icon
https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/ cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53104 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53104 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact