CVE-2024-53104 - Linux Kernel Out-of-Bounds Write Vulnerability

Vulnerability Name

Linux Kernel Out-of-Bounds Write Vulnerability

Description

Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/

https://nvd.nist.gov/vuln/detail/CVE-2024-53104

Related News Articles

Google Releases Android Update to Patch Two Actively Exploited VulnerabilitiesApril 8, 2025

Google fixes Android zero-days exploited in attacks, 60 other flawsApril 8, 2025

Google fixes Android zero-day exploited by Serbian authorities March 4, 2025

Google's March 2025 Android Security Update Fixes Two Actively Exploited VulnerabilitiesMarch 4, 2025

Serbian police used Cellebrite zero-day hack to unlock Android phonesMarch 1, 2025