Linux Kernel Out-of-Bounds Write Vulnerability
Project:Linux
Product:Kernel
Date Added:2025-02-05Due Date::2025-02-26
Vulnerability Name
Linux Kernel Out-of-Bounds Write Vulnerability
Description
Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/
https://nvd.nist.gov/vuln/detail/CVE-2024-53104
Related News Articles
Google fixes Android zero-day exploited by Serbian authorities March 4, 2025
Google's March 2025 Android Security Update Fixes Two Actively Exploited VulnerabilitiesMarch 4, 2025
Serbian police used Cellebrite zero-day hack to unlock Android phonesMarch 1, 2025
Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android PhoneMarch 1, 2025
CISA orders agencies to patch Linux kernel bug exploited in attacksFebruary 6, 2025