CVE-2024-53197

Published Dec 27, 2024

Last updated 4 months ago

Exploit knownCVSS high 7.8
Linux Kernel
Mobile device
Ubuntu

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Analyzed
Products
linux_kernel, debian_linux

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Linux Kernel Out-of-Bounds Access Vulnerability
Exploit added on
Apr 9, 2025
Exploit action due
Apr 30, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787

Social media

Hype score
Not currently trending

  1. #Vulnerability #Androidsecurity CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150) https://t.co/OzrVJPcCH0

    @Komodosec

    20 Jun 2025

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 2. Android Cihazlarda İki Zero-Day Açığı (CVE-2024-53150 & CVE-2024-53197) Google, Nisan 2025 güvenlik güncellemesi kapsamında Android cihazlarda iki kritik sıfır gün açığını gidermiştir: •CVE-2024-53150: Kullanıcı etkileşimi olmadan hassas bilgilere yet

    @MuratDemirtas

    26 Apr 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️ Google Patches Two Actively Exploited Android Zero-Day Vulnerabilities https://t.co/w5TTG3JTLc Google has patched 62 Android vulnerabilities, including two zero-days (CVE-2024-53197 and CVE-2024-53150) under active exploitation that allow privilege escalation and

    @Huntio

    16 Apr 2025

    573 Impressions

    4 Retweets

    9 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 Heads up: CISA added two significant Linux kernel vulnerabilities to its KEV catalog, confirming both flaws are being actively weaponized in targeted attacks: • CVE-2024-53197 • CVE-2024-53150 @The_Cyber_News has more. 👇 https://t.co/8cwQqhztnU

    @AlmaLinux

    16 Apr 2025

    403 Impressions

    3 Retweets

    13 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Google Sécurité, confirmation d’une exploitation active des failles Android CVE-2024-53150 et CVE-2024-53197. https://t.co/QF06wKfW5j

    @NicolasCoolman

    13 Apr 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🛡️ We added Linux Kernel vulnerabilities CVE-2024-53197 & CVE-2024-53150 to our Known Exploited Vulnerabilities Catalog. Apply mitigations to protect your org from cyberattacks. #InfoSec https://t.co/ROBXiTLbxH

    @GlobalCyberCom

    10 Apr 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CISA has added Linux kernel vulnerabilities CVE-2024-53197 and CVE-2024-53150 to its KEV catalog, warning of active exploitation. Learn how these flaws are used in Android device exploits and what steps to take. https://t.co/o9wzJFdW8n

    @the_yellow_fall

    10 Apr 2025

    76 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🔨WhatsApp、リモートコード実行を容易にする脆弱性を修正(CVE-2025-30401) 📱GoogleがAndroidのゼロデイ脆弱性2件を修正、悪用された可能性についても言及(CVE-2024-53197、CVE-2024-53150) 〜サイバーアラート 4月9日〜 https://t.co/ohAKKImzR7 #セキュリティ #インテリジェンス #OSINT

    @MachinaRecord

    9 Apr 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Google has patched two active Android zero-day vulnerabilities CVE-2024-53197 & CVE-2024-53150 being exploited without user interaction. One flaw was used to unlock a student activist's device to install spyware. Patches are available for Android 13-15, but device-specific ht

    @CareWeDoNot

    8 Apr 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Android Security Alert: Google’s April 2025 update patches 62 flaws, incl. 2 zero-days (CVE-2024-53150 & CVE-2024-53197) actively exploited in the wild. Update to patch level 2025-04-01 or later ASAP. #Android #CyberSecurity #PatchNow https://t.co/veLmeXmMOz

    @CloneSystemsInc

    8 Apr 2025

    82 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Google’s April Android update patches 62 flaws—2 are actively exploited! CVE-2024-53150 & CVE-2024-53197 affect Linux kernel USB, used in real-world attacks. Update ASAP to stay secure. https://t.co/wJIraDfvKm #Android #ZeroDay #CyberSecurity #Google #PatchNow

    @dCypherIO

    8 Apr 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Google's April 2025 Android update addresses critical kernel vulnerabilities (CVE-2024-53150, CVE-2024-53197) exploited in attacks. Protect devices with this vital security patch! 🔒📱 #AndroidSecurity #CyberAlerts #USA link: https://t.co/Sj6TbBEPhF https://t.co/BUrqUBA81Q

    @TweetThreatNews

    8 Apr 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Google has patched 62 vulnerabilities, including two high-severity flaws (CVE-2024-53150 and CVE-2024-53197) actively exploited in the wild. Update Android devices to ensure security! 🔒 #AndroidUpdate #Vulnerabilities #USA link: https://t.co/6dPXMnccMW https://t.co/HLzOsni16n

    @TweetThreatNews

    8 Apr 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 Android Zero-Days Patched Google’s April 2025 update fixes 62 vulns, including 2 actively exploited flaws in the USB kernel component: CVE-2024-53150 Info leak CVE-2024-53197 Privilege escalation 🔒 Part of a known exploit chain used in real-world attacks. https://t.co

    @CareWeDoNot

    8 Apr 2025

    77 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. 📢 CiberSeguridad en menos de 5 minutos 📱 Google corrige dos 0-day en Android – CVE-2024-53197 y CVE-2024-53150, una usada por Cellebrite, permiten escalada de privilegios y lectura fuera de límites en el kernel. 🧩 Extensiones maliciosas en VSCode – Más de 300K instalaciones h

    @Seifreed

    8 Apr 2025

    3029 Impressions

    18 Retweets

    111 Likes

    19 Bookmarks

    1 Reply

    1 Quote

  16. 🔥 Google patches 62 security flaws — but 2 were already exploited in the wild. One (CVE-2024-53197) helped hackers break into a Serbian activist’s phone in Dec 2024. 👀 Zero user interaction. Remote takeover. Full story → https://t.co/F1HiWAqbhR

    @TheHackersNews

    8 Apr 2025

    14009 Impressions

    77 Retweets

    140 Likes

    21 Bookmarks

    2 Replies

    1 Quote

  17. Android corregge due zero-day usati da Cellebrite e chiude oltre 60 vulnerabilità critiche Sicurezza Informatica, Android, Android Pixel, cellebrite, CVE-2024-53150, CVE-2024-53197, escalation privilegi, exploit, kernel, NoviSpy, patch, Serbia, usb, vuln… https://t.co/ZTpZ0l37PK

    @matricedigitale

    7 Apr 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. ⚠️ Vulnerability Alert: Android Zero-Day Exploit Chain 📅 Timeline: Disclosure: 2024-02-28, Patch: 2025-02-05 📌 Attribution: Cellebrite, Serbian Police 🆔cveId: CVE-2024-53104,CVE-2024-53197,CVE-2024-50302 📊baseScore: 7.8 📏cvssMetrics:… https://t.co/rgXZ4g9u1I

    @syedaquib77

    28 Feb 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Qualcomm Multiple Chipsets Memory Corruption VulnerabilityCVE-2026-21385
  2. Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.CVE-2026-2786
  3. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.CVE-2026-25983
  4. GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28265.CVE-2026-2045
  5. A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when downloaded and extracted by NLTK, can execute arbitrary code. The vulnerability arises because NLTK assumes all downloaded packages are trusted and extracts them without validation. If a malicious package contains Python files, such as __init__.py, these files are executed automatically upon import, leading to remote code execution. This issue can result in full system compromise, including file system access, network access, and potential persistence mechanisms.CVE-2025-14009

References

Sources include official advisories and independent security research.