On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices.
Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been identified as a significant security risk.
This vulnerability allows attackers to execute remote code (RCE), potentially granting unauthorized read/write access to affected systems.
The vulnerability in question arises from improper parsing of frames marked as UVC_VS_UNDEFINED within the uvc_parse_format function of the UVC driver.
This mismanagement leads to miscalculation of buffer sizes, resulting in out-of-bounds memory writes.
Attackers can exploit this flaw by inserting malicious USB devices or manipulating video streams, triggering buffer overflows that overwrite adjacent memory regions.
The implications of CVE-2024-53104 are severe, as it could lead to local privilege escalation without requiring additional execution privileges.
Although the vulnerability is not directly exploitable remotely, it could be leveraged through USB device spoofing, making it a considerable threat to system integrity and stability.
Google has indicated that there are signs of limited, targeted exploitation of this flaw.
The vulnerability affects all Linux kernel versions from 2.6.26 up to the latest patched versions.
To mitigate this risk, users are urged to update their devices to security patch levels 2025-02-01 or 2025-02-05, which include fixes for this and other vulnerabilities across various components of the Android ecosystem.
| Fixed Kernel Version | Commit Hash | Release Channel |
|---|---|---|
| 4.19.324 (LTS) | 95edf13a48e7 | Long-Term Support |
| 5.4.286 (LTS) | 684022f81f12 | Long-Term Support |
| 5.10.230 (LTS) | faff5bbb2762 | Long-Term Support |
| 5.15.172 (LTS) | 467d84dc78c9 | Long-Term Support |
| 6.1.117 | beced2cb09b5 | Stable |
| 6.6.61 | 575a562f7a3e | Stable |
| 6.11.8 | 622ad10aae5f | Stable |
| 6.12.1 | 1ee9d9122801 | Stable |
| 6.13-rc1 | ecf2b43018da | Development |
In addition to CVE-2024-53104, the bulletin also addresses vulnerabilities in Qualcomm components and other third-party drivers, emphasizing the importance of timely updates to protect against potential exploits.
Given the critical nature of CVE-2024-53104 and its potential for exploitation, it is imperative for Android users to apply the latest security updates without delay.
The Android Security Bulletin serves as a reminder of the ongoing need for vigilance in cybersecurity practices, particularly concerning vulnerabilities that may lead to unauthorized access and control over devices.
Users should consult their device documentation for instructions on applying these essential updates promptly.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations by…
Cybersecurity researchers continue to track sophisticated "Click Fix" style distribution campaigns that deliver the notorious…
In a novel and concerning development, multiple U.S. organizations have reported receiving suspicious physical letters…
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware,…
A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named…
A recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code…