ACK: [SRU][N][PATCH 0/1] CVE-2024-53104
Jacob Martin
jacob.martin at canonical.com
Mon Feb 10 20:39:21 UTC 2025
On Mon, Feb 10, 2025 at 06:42:02PM +0100, Massimiliano Pellizzer wrote:
> [Impact]
>
> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
>
> This can lead to out of bounds writes since frames of this type were not
> taken into account when calculating the size of the frames buffer in
> uvc_parse_streaming.
>
> [Fix]
>
> Oracular: Fixed via upstream stable updates (LP: #2091645)
> Noble: Cherry picked from mainline
> Jammy: Fixed via upstream stable updates (LP: #2089533)
> Focal: Fixed via upstream stable updates (LP: #2089558)
>
> [Test case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> The fix affects the USB Video Class subsystem. An issue with this fix
> may lead to incorrect handling of video streaming for UVC devices. A
> user might experience probelms such as webcams failing to initialize
> correctly, interruptions in video streaming, or incorrect handling of
> video frame formats.
>
> Benoit Sevens (1):
> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
> uvc_parse_format
>
> drivers/media/usb/uvc/uvc_driver.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --
> 2.43.0
>
Acked-by: Jacob Martin <jacob.martin at canonical.com>
More information about the kernel-team
mailing list