{"id":"ASB-A-378455392","details":"In uvc_parse_format of uvc_driver.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-378455392","CVE-2024-53104"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2025-02-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2025-02-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/96ad4e759ff4aaa24eb185500c0c28466ae5452a"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/cd68103d98d36beb8eeab8051566b8f9b3d965d4"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2025-02-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"spl":"2025-02-05","fixes":["https://android.googlesource.com/kernel/common/+/96ad4e759ff4aaa24eb185500c0c28466ae5452a","https://android.googlesource.com/kernel/common/+/cd68103d98d36beb8eeab8051566b8f9b3d965d4"],"types":["EoP"],"vanir_signatures":[{"digest":{"length":5816,"function_hash":"280130390818871782503200057244726680801"},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/cd68103d98d36beb8eeab8051566b8f9b3d965d4","target":{"function":"uvc_parse_format","file":"drivers/media/usb/uvc/uvc_driver.c"},"id":"ASB-A-378455392-3ae2c406","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["266792207385229186384717707134063183888","17127047534150347989595357807094220812","225175023848998841398186290211465281957","92850428422777379934470600922725549404"]},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/cd68103d98d36beb8eeab8051566b8f9b3d965d4","target":{"file":"drivers/media/usb/uvc/uvc_driver.c"},"id":"ASB-A-378455392-51e31717","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["266792207385229186384717707134063183888","17127047534150347989595357807094220812","225175023848998841398186290211465281957","92850428422777379934470600922725549404"]},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/96ad4e759ff4aaa24eb185500c0c28466ae5452a","target":{"file":"drivers/media/usb/uvc/uvc_driver.c"},"id":"ASB-A-378455392-ae771e36","signature_type":"Line","signature_version":"v1"},{"digest":{"length":5870,"function_hash":"28801358841707519660609948544665298819"},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/96ad4e759ff4aaa24eb185500c0c28466ae5452a","target":{"function":"uvc_parse_format","file":"drivers/media/usb/uvc/uvc_driver.c"},"id":"ASB-A-378455392-ed2ff5bf","signature_type":"Function","signature_version":"v1"}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-378455392.json"}}],"schema_version":"1.7.5"}