CVE-2024-53104
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
In short
A flaw in the Linux kernel's USB video driver fails to properly handle certain undefined frame types, which can cause the driver to write data outside allocated memory boundaries. This can crash the system or potentially allow unauthorized code execution when a malicious USB device is connected.
Technical detail
CWE-787 out-of-bounds write vulnerability in uvc_parse_format() where UVC_VS_UNDEFINED frame types are parsed but not accounted for in buffer size calculation in uvc_parse_streaming(). Attack vector requires physical connection of a crafted USB video device; impact includes memory corruption and potential code execution in kernel context.
Summary generated and translated by AI from the official description.
In the Linux kernel, the following vulnerability has been resolved:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
This can lead to out of bounds writes since frames of this type were not
taken into account when calculating the size of the frames buffer in
uvc_parse_streaming.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/1ee9d9122801eb688783acd07791f2906b87cb4fhttps://git.kernel.org/stable/c/467d84dc78c9abf6b217ada22b3fdba336262e29https://git.kernel.org/stable/c/575a562f7a3ec2d54ff77ab6810e3fbceef2a91dhttps://git.kernel.org/stable/c/622ad10aae5f5e03b7927ea95f7f32812f692bb5https://git.kernel.org/stable/c/684022f81f128338fe3587ec967459669a1204aehttps://git.kernel.org/stable/c/95edf13a48e75dc2cc5b0bc57bf90d6948a22fe8https://git.kernel.org/stable/c/beced2cb09b58c1243733f374c560a55382003d6https://git.kernel.org/stable/c/ecf2b43018da9579842c774b7f35dbe11b5c38ddhttps://git.kernel.org/stable/c/faff5bbb2762c44ec7426037b3000e77a11d6773https://lists.debian.org/debian-lts-announce/2025/01/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53104