CVE-2024-53104
- Reference to the description:
- Description:
- In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
- Last updated date:
- 02/06/2025
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 11/07/2024
- Reference url to background
https://source.android.com/docs/security/bulletin/2025-02-01
- Type:
- exploitation
- Confidence:
- MEDIUM
- Date of publishing:
- 02/05/2025
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog