CVE-2024-53104

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53104
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53104.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-53104
Aliases
Downstream
Related
Published
2024-12-02T08:15:08Z
Modified
2025-08-09T20:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat

This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvcparsestreaming.

References

Affected packages