CVE-2024-53150

HIGH KEV

Linux Kernel - Out-of-bounds Read in USB Audio Clock Descriptor Validation

Title source: llm

Exploitation Summary

CVE-2024-53150 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 9, 2025.

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix out of bounds reads when finding clock sources

The current USB-audio driver code doesn't check bLength of each descriptor when traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads.

To address it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop.

For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.
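As an added illustration of the check the patch describes (example code, not the kernel's own validator), the C below walks a constructed class-specific descriptor blob and refuses to trust any clock descriptor whose fields would fall outside its bLength, including a selector whose bNrInPins count overruns the descriptor. The subtype and CS_INTERFACE codes are the UAC2 spec values; the descriptor layout constants and the sample buffer are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* UAC2 class-specific interface descriptor type and clock subtypes (UAC2 spec values). */
#define CS_INTERFACE          0x24
#define UAC2_CLOCK_SOURCE     0x0a
#define UAC2_CLOCK_SELECTOR   0x0b
#define UAC2_CLOCK_MULTIPLIER 0x0c

/* Minimum sizes: clock source and multiplier are fixed-size; the selector carries
 * a 5-byte header, bNrInPins source IDs, and a 2-byte tail (bmControls, iClockSelector). */
#define CLOCK_SOURCE_LEN      8
#define CLOCK_MULTIPLIER_LEN  7
#define CLOCK_SELECTOR_HDR    5
#define CLOCK_SELECTOR_TAIL   2

/* Return 1 if every field the driver would read lies within bLength (and within
 * the bytes actually available), 0 if the descriptor must be skipped. */
static int valid_clock_desc(const uint8_t *d, size_t avail)
{
    if (avail < 4 || d[0] < 4 || d[0] > avail || d[1] != CS_INTERFACE)
        return 0;
    switch (d[2]) {
    case UAC2_CLOCK_SOURCE:     return d[0] >= CLOCK_SOURCE_LEN;
    case UAC2_CLOCK_MULTIPLIER: return d[0] >= CLOCK_MULTIPLIER_LEN;
    case UAC2_CLOCK_SELECTOR:
        /* bNrInPins (d[4]) is only trustworthy once the fixed header itself fits. */
        if (d[0] < CLOCK_SELECTOR_HDR) return 0;
        return d[0] >= CLOCK_SELECTOR_HDR + d[4] + CLOCK_SELECTOR_TAIL;
    default:                    return 0;
    }
}

/* Walk the blob for the clock descriptor with bClockID == clock_id and return its
 * subtype, or 0 if none is found. Malformed descriptors are stepped over, not read. */
int find_clock_subtype(const uint8_t *buf, size_t len, uint8_t clock_id)
{
    for (size_t off = 0; off < len; off += buf[off]) {
        const uint8_t *d = buf + off;
        if (d[0] == 0 || d[0] > len - off)   /* zero or truncated bLength: stop */
            break;
        if (valid_clock_desc(d, len - off) && d[3] == clock_id)
            return d[2];
    }
    return 0;
}

/* Constructed sample: a short bogus clock source, a selector whose bNrInPins (200)
 * overruns its bLength, then a valid selector and a valid clock source. */
const uint8_t sample_blob[] = {
    0x04, CS_INTERFACE, UAC2_CLOCK_SOURCE,   0x01,
    0x08, CS_INTERFACE, UAC2_CLOCK_SELECTOR, 0x02, 200, 0x01, 0x00, 0x00,
    0x09, CS_INTERFACE, UAC2_CLOCK_SELECTOR, 0x03, 0x02, 0x01, 0x04, 0x00, 0x00,
    0x08, CS_INTERFACE, UAC2_CLOCK_SOURCE,   0x04, 0x01, 0x07, 0x00, 0x00,
};
const size_t sample_blob_len = sizeof(sample_blob);
```

Looking up clock IDs 1 and 2 returns 0 because both descriptors are rejected before their tails are read, while IDs 3 and 4 resolve to the selector and source subtypes; passing a truncated length stops the walk instead of reading past the buffer.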

Scores

CVSS v3 7.1
EPSS 0.0112
EPSS Percentile 78.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact partial

Details

CISA KEV 2025-04-09
VulnCheck KEV 2024-11-25
ENISA EUVD EUVD-2024-51822
CWE
CWE-125
Status published
Products (31)
debian/debian_linux 11.0
linux/Kernel 5.11.0 - 5.15.174
linux/Kernel 5.16.0 - 6.1.120
linux/Kernel 5.4.0 - 5.4.287
linux/Kernel 5.5.0 - 5.10.231
linux/Kernel 6.12.0 - 6.12.2
linux/Kernel 6.2.0 - 6.6.64
linux/Kernel 6.7.0 - 6.11.11
Linux/Linux < 5.4
Linux/Linux 3b17a13b687ae99939dc94a4ae01fbc34f68decc
... and 21 more
Published Dec 24, 2024
KEV Added Apr 09, 2025
Tracked Since Feb 18, 2026