The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive mandating that federal agencies promptly address a critical vulnerability in the Linux kernel, identified as CVE-2024-53104.
This high-severity flaw affects the Android Kernel’s USB Video Class (UVC) driver and has been actively exploited in targeted attacks.
For those unaware, CVE-2024-53104 is a privilege escalation security flaw affecting the USB UVC driver in the Linux kernel.
The issue arises from improper parsing of frames labeled as UVC_VS_UNDEFINED in the uvc_parse_format function, which can cause the buffer size of frames to be miscalculated, resulting in out-of-bounds writes.
Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges and execute arbitrary code on a vulnerable Android phone, or cause denial-of-service conditions or system crashes on affected systems.
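A simplified model of the size miscalculation described above, added here as an illustration; it is not the kernel's uvc_parse_format code. It assumes a two-pass layout (one pass sizes the frame array, a second pass fills it), and the function names, the skip_undefined switch and the sample descriptor bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define USB_DT_CS_INTERFACE 0x24 /* class-specific interface descriptor type */
#define UVC_VS_UNDEFINED    0x00 /* the subtype named in the advisory */
#define UVC_VS_FRAME        0x05 /* an ordinary (uncompressed) frame subtype */

/* Pass 1 (sizing): count only descriptors with a recognised frame subtype. */
size_t count_frames(const uint8_t *d, size_t len)
{
    size_t n = 0;
    while (len > 2 && d[0] > 2 && d[0] <= len) {
        if (d[1] == USB_DT_CS_INTERFACE && d[2] == UVC_VS_FRAME)
            n++;
        len -= d[0]; d += d[0];
    }
    return n;
}

/* Pass 2 (parsing): consume consecutive descriptors whose subtype == ftype and
 * return how many frame slots the parser wants to fill. With skip_undefined
 * set, an ftype of UVC_VS_UNDEFINED is never treated as a frame. */
size_t frames_wanted(const uint8_t *d, size_t len, uint8_t ftype, int skip_undefined)
{
    size_t n = 0;
    if (skip_undefined && ftype == UVC_VS_UNDEFINED)
        return 0;
    while (len > 2 && d[0] > 2 && d[0] <= len &&
           d[1] == USB_DT_CS_INTERFACE && d[2] == ftype) {
        n++;
        len -= d[0]; d += d[0];
    }
    return n;
}

/* Slots the parser would write past the end of an array sized by pass 1. */
size_t slots_out_of_bounds(const uint8_t *d, size_t len, uint8_t ftype, int skip_undefined)
{
    size_t cap = count_frames(d, len), want = frames_wanted(d, len, ftype, skip_undefined);
    return want > cap ? want - cap : 0;
}

/* Constructed samples: two 3-byte descriptors each (length, type, subtype). */
const uint8_t sample_undefined[] = { 3, 0x24, 0x00, 3, 0x24, 0x00 };
const uint8_t sample_normal[]    = { 3, 0x24, 0x05, 3, 0x24, 0x05 };

int main(void)
{
    printf("%zu %zu\n", slots_out_of_bounds(sample_undefined, 6, UVC_VS_UNDEFINED, 0),
           slots_out_of_bounds(sample_undefined, 6, UVC_VS_UNDEFINED, 1));
    return 0;
}
```

The model only computes the mismatch between the two passes and never performs the write; a nonzero result marks the condition a bounds check or the skip has to rule out.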
In response to the active exploitation of this vulnerability, CISA has added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog.
The agency has mandated all Federal Civilian Executive Branch (FCEB) agencies, as per the November 2021 Binding Operational Directive (BOD) 22-01, to apply the patches by February 26, 2025, to mitigate the Linux kernel vulnerability and protect their networks against potential threats.
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned on Wednesday.
CISA has also advised private organizations and users to update their Linux distributions and Android devices to the latest versions to mitigate the risk associated with CVE-2024-53104.
As mentioned in our report yesterday, Google has released its February 2025 security updates, which address 48 vulnerabilities, including CVE-2024-53104.
The company noted indications of “limited, targeted exploitation” of this flaw and provided patches to improve the security of Android devices.
Users are strongly encouraged to install the latest security updates promptly to safeguard their devices and themselves from major security threats.