Bug 2329817 (CVE-2024-53104) - CVE-2024-53104 kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
Summary: CVE-2024-53104 kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UN...
Keywords:
Status: NEW
Alias: CVE-2024-53104
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2329819
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-12-02 08:00 UTC by OSIDB Bzimport
Modified: 2025-03-20 07:01 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:1276 0 None None None 2025-02-11 08:52:19 UTC
Red Hat Product Errata RHBA-2025:1279 0 None None None 2025-02-11 08:59:10 UTC
Red Hat Product Errata RHBA-2025:1361 0 None None None 2025-02-12 19:17:13 UTC
Red Hat Product Errata RHBA-2025:1362 0 None None None 2025-02-12 19:20:14 UTC
Red Hat Product Errata RHBA-2025:1417 0 None None None 2025-02-13 12:26:09 UTC
Red Hat Product Errata RHBA-2025:1690 0 None None None 2025-02-19 18:12:31 UTC
Red Hat Product Errata RHBA-2025:1758 0 None None None 2025-02-24 09:00:08 UTC
Red Hat Product Errata RHSA-2025:1230 0 None None None 2025-02-10 13:56:58 UTC
Red Hat Product Errata RHSA-2025:1231 0 None None None 2025-02-10 13:56:46 UTC
Red Hat Product Errata RHSA-2025:1242 0 None None None 2025-02-13 02:11:26 UTC
Red Hat Product Errata RHSA-2025:1253 0 None None None 2025-02-10 21:28:04 UTC
Red Hat Product Errata RHSA-2025:1254 0 None None None 2025-02-10 21:26:26 UTC
Red Hat Product Errata RHSA-2025:1262 0 None None None 2025-02-11 01:13:19 UTC
Red Hat Product Errata RHSA-2025:1264 0 None None None 2025-02-11 01:33:39 UTC
Red Hat Product Errata RHSA-2025:1266 0 None None None 2025-02-11 03:36:59 UTC
Red Hat Product Errata RHSA-2025:1267 0 None None None 2025-02-11 04:07:52 UTC
Red Hat Product Errata RHSA-2025:1268 0 None None None 2025-02-11 04:14:58 UTC
Red Hat Product Errata RHSA-2025:1269 0 None None None 2025-02-11 03:53:59 UTC
Red Hat Product Errata RHSA-2025:1270 0 None None None 2025-02-11 04:24:55 UTC
Red Hat Product Errata RHSA-2025:1278 0 None None None 2025-02-11 08:53:04 UTC
Red Hat Product Errata RHSA-2025:1280 0 None None None 2025-02-11 09:01:38 UTC
Red Hat Product Errata RHSA-2025:1281 0 None None None 2025-02-11 09:09:58 UTC
Red Hat Product Errata RHSA-2025:1282 0 None None None 2025-02-11 09:17:22 UTC
Red Hat Product Errata RHSA-2025:1291 0 None None None 2025-02-11 11:18:48 UTC
Red Hat Product Errata RHSA-2025:1347 0 None None None 2025-02-12 08:18:30 UTC
Red Hat Product Errata RHSA-2025:1374 0 None None None 2025-02-13 00:26:27 UTC
Red Hat Product Errata RHSA-2025:1386 0 None None None 2025-02-19 19:45:58 UTC
Red Hat Product Errata RHSA-2025:1403 0 None None None 2025-02-18 17:47:14 UTC
Red Hat Product Errata RHSA-2025:1433 0 None None None 2025-02-13 14:33:14 UTC
Red Hat Product Errata RHSA-2025:1434 0 None None None 2025-02-13 14:34:10 UTC
Red Hat Product Errata RHSA-2025:1437 0 None None None 2025-02-13 14:46:56 UTC
Red Hat Product Errata RHSA-2025:1451 0 None None None 2025-02-19 23:11:24 UTC
Red Hat Product Errata RHSA-2025:1657 0 None None None 2025-02-18 21:57:16 UTC
Red Hat Product Errata RHSA-2025:1662 0 None None None 2025-02-19 02:22:02 UTC
Red Hat Product Errata RHSA-2025:1663 0 None None None 2025-02-19 02:20:34 UTC
Red Hat Product Errata RHSA-2025:1680 0 None None None 2025-02-19 14:26:31 UTC
Red Hat Product Errata RHSA-2025:1711 0 None None None 2025-02-27 04:27:24 UTC
Red Hat Product Errata RHSA-2025:2701 0 None None None 2025-03-20 07:01:29 UTC

Description OSIDB Bzimport 2024-12-02 08:00:59 UTC 
In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

This can lead to out of bounds writes since frames of this type were not
taken into account when calculating the size of the frames buffer in
uvc_parse_streaming.
Comment 1 Michal Findra 2024-12-02 08:02:23 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/T
Comment 7 errata-xmlrpc 2025-02-10 13:56:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1231 https://access.redhat.com/errata/RHSA-2025:1231
Comment 8 errata-xmlrpc 2025-02-10 13:56:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1230 https://access.redhat.com/errata/RHSA-2025:1230
Comment 9 errata-xmlrpc 2025-02-10 21:26:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1254 https://access.redhat.com/errata/RHSA-2025:1254
Comment 10 errata-xmlrpc 2025-02-10 21:28:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1253 https://access.redhat.com/errata/RHSA-2025:1253
Comment 12 errata-xmlrpc 2025-02-11 01:13:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1262 https://access.redhat.com/errata/RHSA-2025:1262
Comment 13 errata-xmlrpc 2025-02-11 01:33:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:1264 https://access.redhat.com/errata/RHSA-2025:1264
Comment 14 errata-xmlrpc 2025-02-11 03:36:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1266 https://access.redhat.com/errata/RHSA-2025:1266
Comment 15 errata-xmlrpc 2025-02-11 03:53:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1269 https://access.redhat.com/errata/RHSA-2025:1269
Comment 16 errata-xmlrpc 2025-02-11 04:07:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1267 https://access.redhat.com/errata/RHSA-2025:1267
Comment 17 errata-xmlrpc 2025-02-11 04:14:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1268 https://access.redhat.com/errata/RHSA-2025:1268
Comment 18 errata-xmlrpc 2025-02-11 04:24:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1270 https://access.redhat.com/errata/RHSA-2025:1270
Comment 19 errata-xmlrpc 2025-02-11 08:53:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:1278 https://access.redhat.com/errata/RHSA-2025:1278
Comment 20 errata-xmlrpc 2025-02-11 09:01:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1280 https://access.redhat.com/errata/RHSA-2025:1280
Comment 21 errata-xmlrpc 2025-02-11 09:09:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1281 https://access.redhat.com/errata/RHSA-2025:1281
Comment 22 errata-xmlrpc 2025-02-11 09:17:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:1282 https://access.redhat.com/errata/RHSA-2025:1282
Comment 23 errata-xmlrpc 2025-02-11 11:18:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1291 https://access.redhat.com/errata/RHSA-2025:1291
Comment 24 errata-xmlrpc 2025-02-12 08:18:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION

Via RHSA-2025:1347 https://access.redhat.com/errata/RHSA-2025:1347
Comment 25 errata-xmlrpc 2025-02-13 00:26:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1374 https://access.redhat.com/errata/RHSA-2025:1374
Comment 26 errata-xmlrpc 2025-02-13 02:11:25 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2025:1242 https://access.redhat.com/errata/RHSA-2025:1242
Comment 27 errata-xmlrpc 2025-02-13 14:33:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1433 https://access.redhat.com/errata/RHSA-2025:1433
Comment 28 errata-xmlrpc 2025-02-13 14:34:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1434 https://access.redhat.com/errata/RHSA-2025:1434
Comment 29 errata-xmlrpc 2025-02-13 14:46:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1437 https://access.redhat.com/errata/RHSA-2025:1437
Comment 31 errata-xmlrpc 2025-02-18 17:47:12 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2025:1403 https://access.redhat.com/errata/RHSA-2025:1403
Comment 32 errata-xmlrpc 2025-02-18 21:57:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1657 https://access.redhat.com/errata/RHSA-2025:1657
Comment 33 errata-xmlrpc 2025-02-19 02:20:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1663 https://access.redhat.com/errata/RHSA-2025:1663
Comment 34 errata-xmlrpc 2025-02-19 02:22:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

Via RHSA-2025:1662 https://access.redhat.com/errata/RHSA-2025:1662
Comment 35 errata-xmlrpc 2025-02-19 14:26:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1680 https://access.redhat.com/errata/RHSA-2025:1680
Comment 36 errata-xmlrpc 2025-02-19 19:45:57 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2025:1386 https://access.redhat.com/errata/RHSA-2025:1386
Comment 37 errata-xmlrpc 2025-02-19 23:11:23 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2025:1451 https://access.redhat.com/errata/RHSA-2025:1451
Comment 39 errata-xmlrpc 2025-02-27 04:27:22 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2025:1711 https://access.redhat.com/errata/RHSA-2025:1711
Comment 40 errata-xmlrpc 2025-03-20 07:01:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2025:2701 https://access.redhat.com/errata/RHSA-2025:2701
Note You need to log in before you can comment on or make changes to this bug.