April 8, 2025
Severity
High
Analysis Summary
CVE-2024-53150 CVSS:7.1
An out-of-bounds read in the Linux kernel's ALSA USB-audio driver has been fixed. While traversing clock descriptors to find a clock source, the driver did not check the bLength of each descriptor, so a malformed device descriptor with a short bLength could make the driver read past the end of the descriptor. The fix validates the length of every clock descriptor during the traversal and skips any descriptor that is too short. For clock source and clock multiplier descriptors, bLength is compared against the size of the corresponding descriptor structure; for UAC2 and UAC3 clock selector descriptors the check is more involved because those descriptors carry a variable number of extra fields. Together these checks make the traversal loop safe.
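The following is an added illustration of the length-validation pattern described above; it is not the kernel's code, and the struct sizes, subtype values and the sample descriptor bytes are assumptions taken from the USB Audio Class 2.0 layout (clock source 8 bytes, clock multiplier 7 bytes, clock selector 7 bytes plus one byte per input pin). The walker refuses to read any field until bLength proves the field is present, which is exactly what the unpatched loop did not do.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative constants (assumed from the UAC2 spec, not kernel headers). */
#define CS_INTERFACE            0x24
#define UAC2_CLOCK_SOURCE       0x0a
#define UAC2_CLOCK_SELECTOR     0x0b
#define UAC2_CLOCK_MULTIPLIER   0x0c

/* Minimum bLength for each fixed-size clock descriptor (assumed layouts). */
#define CLOCK_SOURCE_LEN        8   /* ... up to iClockSource */
#define CLOCK_MULTIPLIER_LEN    7   /* ... up to iClockMultiplier */
#define CLOCK_SELECTOR_BASE_LEN 7   /* fixed part; baCSourceID adds bNrInPins bytes */

/* Walk a class-specific interface descriptor block and count the clock
 * descriptors that are long enough to be read safely. Descriptors that are
 * too short for their declared subtype are skipped, as in the fix.
 * Returns the number of valid clock descriptors, or -1 if the block itself
 * is malformed (bLength of zero or one that overruns the buffer). */
int count_valid_clock_descriptors(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int valid = 0;

    while (off < len) {
        /* Every descriptor starts with bLength, bDescriptorType, bDescriptorSubtype. */
        if (len - off < 3)
            return -1;
        uint8_t blen = buf[off];
        /* bLength < 3 would loop forever or read header fields that are absent;
         * bLength beyond the buffer end would read outside the block. */
        if (blen < 3 || blen > len - off)
            return -1;

        const uint8_t *d = buf + off;
        if (d[1] == CS_INTERFACE) {
            switch (d[2]) {
            case UAC2_CLOCK_SOURCE:
                if (blen >= CLOCK_SOURCE_LEN)
                    valid++;
                break;
            case UAC2_CLOCK_MULTIPLIER:
                if (blen >= CLOCK_MULTIPLIER_LEN)
                    valid++;
                break;
            case UAC2_CLOCK_SELECTOR: {
                /* bNrInPins is at offset 4; it must be inside the descriptor
                 * before it can be used to size the variable pin array. */
                if (blen < 5)
                    break;
                uint8_t npins = d[4];
                if (blen >= CLOCK_SELECTOR_BASE_LEN + npins)
                    valid++;
                break;
            }
            default:
                break;
            }
        }
        off += blen;
    }
    return valid;
}

/* Constructed sample block: a full clock source, a truncated clock source,
 * a selector with two pins, a selector claiming two pins but too short,
 * and a full clock multiplier. Three of the five are safe to read. */
static const uint8_t sample_descriptors[] = {
    0x08, 0x24, 0x0a, 0x01, 0x03, 0x07, 0x00, 0x00,             /* source, ok     */
    0x05, 0x24, 0x0a, 0x02, 0x03,                               /* source, short  */
    0x09, 0x24, 0x0b, 0x03, 0x02, 0x01, 0x02, 0x03, 0x00,       /* selector, ok   */
    0x07, 0x24, 0x0b, 0x04, 0x02, 0x01, 0x02,                   /* selector, short*/
    0x07, 0x24, 0x0c, 0x05, 0x01, 0x02, 0x00,                   /* multiplier, ok */
};

int run_sample(void)
{
    return count_valid_clock_descriptors(sample_descriptors, sizeof sample_descriptors);
}

int main(void)
{
    printf("valid clock descriptors: %d\n", run_sample());
    return 0;
}
```

The two separate checks matter: the header check (bLength at least 3 and within the buffer) keeps the loop itself from overrunning, while the per-subtype check keeps the driver from touching fields such as bmControls or the pin array that a short descriptor does not actually contain.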
CVE-2024-53197 CVSS:7.8
A vulnerability in the Linux kernel's ALSA USB-audio driver, in the handling of Extigy and Mbox devices, has been fixed. A spoofed device could report a bNumConfigurations value larger than the one originally used in usb_get_configuration when dev->config was set up. Because later code trusted the larger value, it could perform out-of-bounds accesses, for example in usb_destroy_configuration.
Impact
- Information Disclosure
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2024-53150
CVE-2024-53197
Affected Vendors
Affected Products
- Linux Kernel: 5.10.231, 5.15.174, 6.1.120, 6.6.64, 6.11.11, 6.12.12
Remediation
Refer to the Linux Kernel website for patch, upgrade, or suggested workaround information.