CVE-2024-53197

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-53197

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53197.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-53197

Aliases

A-382243530
ASB-A-382243530

Downstream

BELL-CVE-2024-53197

DEBIAN-CVE-2024-53197

DLA-4075-1

DLA-4076-1

OESA-2025-1032

OESA-2025-1033

OESA-2025-1034

OESA-2025-1035

OESA-2025-1036

OESA-2025-1037

RHSA-2025:2473

RHSA-2025:2474

RHSA-2025:2475

RHSA-2025:2476

RHSA-2025:2488

RHSA-2025:2489

RHSA-2025:2490

RHSA-2025:2501

RHSA-2025:2510

RHSA-2025:2512

RHSA-2025:2514

RHSA-2025:2517

RHSA-2025:2524

RHSA-2025:2525

RHSA-2025:2528

RHSA-2025:2627

RHSA-2025:2646

RLSA-2025:2473

RLSA-2025:2474

SUSE-SU-2025:02264-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0557-1

SUSE-SU-2025:0565-1

Related

Published

2024-12-27T14:15:27Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usbgetconfiguration for allocating dev->config.

This can lead to out-of-bounds accesses later, e.g. in usbdestroyconfiguration.

References

CVE-2024-53197

Affected packages