Bug 2329817 (CVE-2024-53104)

Summary: CVE-2024-53104 kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: dfreiber, drow, jburrell, kyoshida, mhhall3, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacker who is able to influence the format of video streams captured by a system's USB video device could exploit this flaw to alter system memory and potentially escalate their privileges or execute arbitrary code.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2329819    
Bug Blocks:    

Description OSIDB Bzimport 2024-12-02 08:00:59 UTC 
In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

This can lead to out of bounds writes since frames of this type were not
taken into account when calculating the size of the frames buffer in
uvc_parse_streaming.
Comment 1 Michal Findra 2024-12-02 08:02:23 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/T
Comment 7 errata-xmlrpc 2025-02-10 13:56:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1231 https://access.redhat.com/errata/RHSA-2025:1231
Comment 8 errata-xmlrpc 2025-02-10 13:56:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1230 https://access.redhat.com/errata/RHSA-2025:1230
Comment 9 errata-xmlrpc 2025-02-10 21:26:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1254 https://access.redhat.com/errata/RHSA-2025:1254
Comment 10 errata-xmlrpc 2025-02-10 21:28:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1253 https://access.redhat.com/errata/RHSA-2025:1253
Comment 12 errata-xmlrpc 2025-02-11 01:13:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1262 https://access.redhat.com/errata/RHSA-2025:1262
Comment 13 errata-xmlrpc 2025-02-11 01:33:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:1264 https://access.redhat.com/errata/RHSA-2025:1264
Comment 14 errata-xmlrpc 2025-02-11 03:36:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1266 https://access.redhat.com/errata/RHSA-2025:1266
Comment 15 errata-xmlrpc 2025-02-11 03:53:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1269 https://access.redhat.com/errata/RHSA-2025:1269
Comment 16 errata-xmlrpc 2025-02-11 04:07:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1267 https://access.redhat.com/errata/RHSA-2025:1267
Comment 17 errata-xmlrpc 2025-02-11 04:14:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1268 https://access.redhat.com/errata/RHSA-2025:1268
Comment 18 errata-xmlrpc 2025-02-11 04:24:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1270 https://access.redhat.com/errata/RHSA-2025:1270
Comment 19 errata-xmlrpc 2025-02-11 08:53:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:1278 https://access.redhat.com/errata/RHSA-2025:1278
Comment 20 errata-xmlrpc 2025-02-11 09:01:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1280 https://access.redhat.com/errata/RHSA-2025:1280
Comment 21 errata-xmlrpc 2025-02-11 09:09:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1281 https://access.redhat.com/errata/RHSA-2025:1281
Comment 22 errata-xmlrpc 2025-02-11 09:17:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:1282 https://access.redhat.com/errata/RHSA-2025:1282
Comment 23 errata-xmlrpc 2025-02-11 11:18:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1291 https://access.redhat.com/errata/RHSA-2025:1291
Comment 24 errata-xmlrpc 2025-02-12 08:18:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION

Via RHSA-2025:1347 https://access.redhat.com/errata/RHSA-2025:1347
Comment 25 errata-xmlrpc 2025-02-13 00:26:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1374 https://access.redhat.com/errata/RHSA-2025:1374
Comment 26 errata-xmlrpc 2025-02-13 02:11:25 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2025:1242 https://access.redhat.com/errata/RHSA-2025:1242
Comment 27 errata-xmlrpc 2025-02-13 14:33:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1433 https://access.redhat.com/errata/RHSA-2025:1433
Comment 28 errata-xmlrpc 2025-02-13 14:34:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1434 https://access.redhat.com/errata/RHSA-2025:1434
Comment 29 errata-xmlrpc 2025-02-13 14:46:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1437 https://access.redhat.com/errata/RHSA-2025:1437
Comment 31 errata-xmlrpc 2025-02-18 17:47:12 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2025:1403 https://access.redhat.com/errata/RHSA-2025:1403
Comment 32 errata-xmlrpc 2025-02-18 21:57:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1657 https://access.redhat.com/errata/RHSA-2025:1657
Comment 33 errata-xmlrpc 2025-02-19 02:20:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1663 https://access.redhat.com/errata/RHSA-2025:1663
Comment 34 errata-xmlrpc 2025-02-19 02:22:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

Via RHSA-2025:1662 https://access.redhat.com/errata/RHSA-2025:1662
Comment 35 errata-xmlrpc 2025-02-19 14:26:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1680 https://access.redhat.com/errata/RHSA-2025:1680
Comment 36 errata-xmlrpc 2025-02-19 19:45:57 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2025:1386 https://access.redhat.com/errata/RHSA-2025:1386
Comment 37 errata-xmlrpc 2025-02-19 23:11:23 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2025:1451 https://access.redhat.com/errata/RHSA-2025:1451
Comment 39 errata-xmlrpc 2025-02-27 04:27:22 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2025:1711 https://access.redhat.com/errata/RHSA-2025:1711
Comment 40 errata-xmlrpc 2025-03-20 07:01:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2025:2701 https://access.redhat.com/errata/RHSA-2025:2701
Comment 42 errata-xmlrpc 2025-05-26 10:31:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:8137 https://access.redhat.com/errata/RHSA-2025:8137