CVE-2024-53197

ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

CVSS 7.8 HIGHEPSS 3.6%● KEVCWE-787

In short

A malicious USB audio device (like Extigy or Mbox) can trick the Linux kernel into accessing memory outside its allocated bounds by reporting an incorrect number of configurations. This could crash the system or allow an attacker to read sensitive data.

Technical detail

The vulnerability occurs when a crafted USB device provides a bNumConfigurations value larger than the number of configuration structures allocated during usb_get_configuration. This leads to out-of-bounds memory access in subsequent operations like usb_destroy_configuration. The attack vector is direct USB device connection with no special privileges required.

Summary generated and translated by AI from the official description.

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References