CVE-2024-53197
- Reference to the description:
- Description:
- In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
- Last updated date:
- 12/27/2024
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 12/04/2024
- Reference url to background
https://source.android.com/docs/security/bulletin/2025-03-01