CVE-2024-53150

HIGH KEV

Debian Linux < 5.4.287 - Out-of-Bounds Read

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources

The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads.

For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop.

For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. On the other hand, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.

Scores

CVSS v3 7.1
EPSS 0.0112
EPSS Percentile 78.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CISA KEV 2025-04-09
VulnCheck KEV 2024-11-25
ENISA EUVD EUVD-2024-51822
CWE
CWE-125
Status published
Products (9)
debian/debian_linux 11.0
linux/Kernel 5.11.0 - 5.15.174
linux/Kernel 5.16.0 - 6.1.120
linux/Kernel 5.4.0 - 5.4.287
linux/Kernel 5.5.0 - 5.10.231
linux/Kernel 6.12.0 - 6.12.2
linux/Kernel 6.2.0 - 6.6.64
linux/Kernel 6.7.0 - 6.11.11
linux/linux_kernel < 5.4.287
Published Dec 24, 2024
KEV Added Apr 09, 2025
Tracked Since Feb 18, 2026