CVE-2024-53104

HIGH

CVSS v3

7.8

HIGH

EPSS Score

11.1%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.

Technical Details

Published
12/2/2024

Frequently Asked Questions

What is CVE-2024-53104?

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.

Is CVE-2024-53104 actively exploited?

Active exploitation of CVE-2024-53104 has not been confirmed. The EPSS score is 11.1%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-53104?

CVE-2024-53104 has a CVSS v3 base score of 7.8 (HIGH severity).

Is CVE-2024-53104 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.