CVE-2024-53104
| CVE Published | 2024-12-02 |
|---|---|
| Related CWE(s) | CWE-787: Out-of-bounds Write |
| Related Vendor(s) | linux |
| Related Product(s) | linux_kernel |
| Exploitation Reported (CISA KEV) | 2025-02-05 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
In the Linux kernel, the following vulnerability has been resolved:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph