AI description
CVE-2024-53104 is a privilege escalation vulnerability found in the Android kernel's USB Video Class (UVC) driver. This driver is primarily used for handling USB cameras and similar video sources. The vulnerability arises from improper parsing of specifically crafted video frames, leading to a memory corruption issue. This could allow an attacker to write to memory locations they shouldn't have access to. Exploitation of this vulnerability could allow for local privilege escalation, potentially enabling a malicious app or specially crafted hardware to gain control of a vulnerable Android device. Google has acknowledged that there are indications of limited, targeted exploitation of this vulnerability. A patch for this vulnerability was incorporated into the open-source kernel at the end of 2024 and is included in the February 2025 Android security update.
- Description
- In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
25
Google has fixed a previously unknown vulnerability, CVE-2024-53104, in Android related to the Linux kernel. It may have been exploited by forensic data extraction tools used by law enforcement. The fix is included in the "2025-02-05" security patch. #Android #Security #Privacy
@ProgresiveRobot
4 Feb 2025
48 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Google、2月のAndoroidセキュリティアップデートで悪用されるゼロデイに対処:CVE-2024-53104 https://t.co/iSUoE54Vzr #izumino_trend
@sec_trend
4 Feb 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google Fixes Android Zero-Day! 🚨 A critical Android security flaw (CVE-2024-53104) is being exploited! Update your device now to stay protected. 🔒📱 Read more, stay updated! 👇 https://t.co/jZGrOIpNSv #Android #Google #cybersecurity https://t.co/YjG8VpcanD
@GeekFeedNet
4 Feb 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ Androidユーザーの皆様へ緊急のお知らせ Googleが2025年2月のセキュリティアップデートを緊急リリース 現在、全Androidバージョンに影響する深刻なゼロデイ脆弱性(CVE-2024-53104)が発見されました 実際の標的型攻撃が確認されており、デバイスの権限が危険にさらされる可能性があります… https://t.co/IC0s0YEjOS https://t.co/oM0leihx5S
@TechTrendsJP
4 Feb 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Google Patches Critical Kernel Vulnerability in #Android Devices: #CVE-2024-53104 https://t.co/z9DhbytTpR
@UndercodeNews
4 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Patches 47 Android Security #flaws, Including Actively Exploited #CVE-2024-53104 https://t.co/yrVhBXb7b0
@AdliceSoftware
4 Feb 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 Read More : https://t.co/MJJHP5Szuo https://t.co/I5jHz6Ekei
@techpio_team
4 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google e Microsoft correggono vulnerabilità critiche in Android e Azure AI Sicurezza Informatica, aggiornamenti sicurezza, AI, Android, azure, CVE-2024-53104, CVE-2025-21415, Face Service, Google, Microsoft Account, patch, vulnerabilità https://t.co/cBmqDATSPC https://t.co/1noSCK
@matricedigitale
4 Feb 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Gli aggiornamenti di sicurezza #Android di febbraio 2025 risolvono 48 vulnerabilità, tra cui una vulnerabilità del kernel zero-day che è stata sfruttata LA CVE-2024-53104, permette ad attaccanti locali di ottenere privilegi elevati tramite un driver USB https://t.co/PyeAHpW8aJ
@techworldaleant
4 Feb 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google's February 2025 Android security update fixes 46 vulnerabilities, including CVE-2024-53104, a critical flaw in the Linux kernel. Users should update to protect their devices. 🔒📱 #AndroidUpdate #LinuxKernel #USA link: https://t.co/S0Uuxr0jXN https://t.co/70BZzkuk7L
@TweetThreatNews
4 Feb 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixes Android kernel zero-day exploited in attacks: https://t.co/Li8OwNSrV6 The January 2025 Android security updates address 48 vulnerabilities, including a zero-day kernel flaw (CVE-2024-53104) that allows privilege escalation via the USB Video Class driver. This… https
@securityRSS
4 Feb 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://t.co/kx83vy7xBz https://t.co/J6LKkIU0px
@talentxfactor
4 Feb 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google has patched 47 Android security flaws, including CVE-2024-53104, a critical privilege escalation issue. Urgent updates recommended for Android vendors! #AndroidSecurity #US #TechNews link: https://t.co/VVCiyMM3S0 https://t.co/WL9oJL6NoM
@TweetThreatNews
4 Feb 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE Alert: Google Android Privilege Escalation Zero-day Vulnerability 🚨 Vulnerability Details: CVE-2024-53104 (CVSS 7.8/10) Google Android Privilege Escalation Vulnerability Impact A Successful exploit may allows a local user to escalate privileges on the system. Affected
@CyberxtronTech
4 Feb 2025
149 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE Alert: Google Android Privilege Escalation Zero-day Vulnerability Exploited In the Wild 🚨 Vulnerability Details: CVE-2024-53104 (CVSS 7.8/10) Google Android Privilege Escalation Vulnerability Impact A Successful exploit may allows a local user to escalate privileges on
@CyberxtronTech
4 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://t.co/xGkpojZ2c3 https://t.co/AezzSOl8ct
@RigneySec
4 Feb 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://t.co/lENWfuJgpG
@molari999
4 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://t.co/5RIHSBKyaH
@buzz_sec
4 Feb 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google patches 47 Android security flaws, including one actively exploited in the wild! A critical vulnerability (CVE-2024-53104) lets attackers escalate privileges through USB Video Class driver—watch out for targeted exploitation! This flaw, tied to the Linux kernel, can lead
@StreetWalker212
4 Feb 2025
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
February 2025 Android Security Bulletin includes a heap buffer overflow in a Linux kernel USB peripheral driver (CVE-2024-53104) marked exploited in the wild. It's likely one of the USB bugs exploited by forensic data extraction tools. We block them using these.… https://t.co/rdJ
@GrapheneOS
4 Feb 2025
51633 Impressions
82 Retweets
647 Likes
102 Bookmarks
10 Replies
8 Quotes
Google patches 47 Android security flaws, including one actively exploited in the wild! A critical vulnerability (CVE-2024-53104) lets attackers escalate privileges through USB Video Class driver—watch out for targeted exploitation! Find details here: https://t.co/znupOWbLWA
@TheHackersNews
4 Feb 2025
11709 Impressions
48 Retweets
99 Likes
6 Bookmarks
1 Reply
0 Quotes
🔨Google、2月のAndoroidセキュリティアップデートで悪用されるゼロデイに対処:CVE-2024-53104 〜サイバーアラート 2月4日〜 https://t.co/GQYgMElyLS #セキュリティ #インテリジェンス #OSINT
@MachinaRecord
4 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GoogleがAndroidカーネルにおけるゼロデイ脆弱性を2月の定例更新で修正。CVE-2024-53104はUSB Video Classドライバにおけるローカル権限昇格。その他、クアルコム社無線LANの脆弱性等が修正されている。 https://t.co/Ueo1HeCCko
@__kokumoto
3 Feb 2025
761 Impressions
2 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
Google's January 2025 updates patch 48 vulnerabilities, including a critical zero-day in the Android kernel. Threat actors can exploit CVE-2024-53104. #AndroidUpdate #Qualcomm #USA 🛡️🔒 link: https://t.co/QJQzjlJHc6 https://t.co/FGP6TCvPiT
@TweetThreatNews
3 Feb 2025
74 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
New data shows consistent exploit trends with CVE-2024-53104 and CVE-2024-53103 among the top threats. More info: [https://t.co/ReJ5dWnTRd](https://t.co/tej1yYFNGt) Created by AI. #Android #Cybersecurity
@Funker_Dev
16 Jan 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New CVE trends: CVE-2024-53103 & CVE-2024-53104 emerge with 0.3% share. Stay updated: https://t.co/tej1yYFNGt Created by AI. #Android #Cybersecurity
@Funker_Dev
29 Dec 2024
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
How to Fix CVE-2024-53103 and CVE-2024-53104 Vulnerabilities in Linux Kernel? https://t.co/lu4PYoFdDc https://t.co/8ngpfB11h5
@TheSecMaster1
3 Dec 2024
1091 Impressions
6 Retweets
13 Likes
10 Bookmarks
2 Replies
0 Quotes
CVE-2024-53104 In the Linux kernel, the following vulnerability has been resolved: med... https://t.co/xaNlprrY79 Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
2 Dec 2024
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53104 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead … https://t.co/14ZY2ENnpY
@CVEnew
2 Dec 2024
466 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes