REDHAT-BUG-2333971
First published: Tue Dec 24 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads. For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop. For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lore.kernel.org/linux-cve-announce/2024122427-CVE-2024-53150-3a7d@gregkh/T
- https://www.cisa.gov/news-events/alerts/2025/04/09/cisa-adds-two-known-exploited-vulnerabilities-catalog
- https://access.redhat.com/errata/RHSA-2025:3827
- https://access.redhat.com/errata/RHSA-2025:3832
- https://access.redhat.com/errata/RHSA-2025:3839
- https://access.redhat.com/errata/RHSA-2025:3838
- https://access.redhat.com/errata/RHSA-2025:3861
- https://access.redhat.com/errata/RHSA-2025:3871
- https://access.redhat.com/errata/RHSA-2025:3880
- https://access.redhat.com/errata/RHSA-2025:3887
- https://access.redhat.com/errata/RHSA-2025:3889
- https://access.redhat.com/errata/RHSA-2025:3888
- https://access.redhat.com/errata/RHSA-2025:3894
- https://access.redhat.com/errata/RHSA-2025:3893
- https://access.redhat.com/errata/RHSA-2025:3901
- https://access.redhat.com/errata/RHSA-2025:3903
- https://access.redhat.com/errata/RHSA-2025:3931
- https://access.redhat.com/errata/RHSA-2025:3935
- https://access.redhat.com/errata/RHSA-2025:3937
- https://access.redhat.com/errata/RHSA-2025:4019
- https://access.redhat.com/errata/RHSA-2025:4012
- https://access.redhat.com/errata/RHSA-2025:4177
- https://bugzilla.redhat.com/show_bug.cgi?id=2333971
Frequently Asked Questions
What is the severity of REDHAT-BUG-2333971?
The severity of REDHAT-BUG-2333971 is classified as high due to potential exploitation risks associated with out of bounds reads.
How do I fix REDHAT-BUG-2333971?
To fix REDHAT-BUG-2333971, ensure that your system is updated with the latest Linux kernel patches that address this vulnerability.
What systems are affected by REDHAT-BUG-2333971?
REDHAT-BUG-2333971 affects the Linux kernel, specifically systems utilizing the USB-audio driver.
What kind of attacks can REDHAT-BUG-2333971 lead to?
REDHAT-BUG-2333971 can lead to potential Denial of Service (DoS) attacks or memory corruption if exploited.
Is there a known exploit for REDHAT-BUG-2333971?
As of now, no specific exploits for REDHAT-BUG-2333971 have been publicly disclosed, but the vulnerability poses significant security risks.
- agent/severity
- agent/source
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- agent/references
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-53150
- vendor/linux
- canonical/linux kernel