CVE-2024-53104 - Linux Kernel Out-of-Bounds Write Vulnerability

: Linux | Kernel

Date Added:
2025-02-05

Due Date:
2025-02-26

Vulnerability Name: Linux Kernel Out-of-Bounds Write Vulnerability

Description: Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-53104

Related News Articles

Google fixes Android zero-day exploited by Serbian authorities March 4, 2025

Google's March 2025 Android Security Update Fixes Two Actively Exploited VulnerabilitiesMarch 4, 2025

Serbian police used Cellebrite zero-day hack to unlock Android phonesMarch 1, 2025

Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android PhoneMarch 1, 2025

CISA orders agencies to patch Linux kernel bug exploited in attacksFebruary 6, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard