Unrated severityCISA KEVNVD Advisory· Published Dec 27, 2024· Updated Nov 3, 2025
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
CVE-2024-53197
Description
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
Affected products
1- Linux/Linuxv5Range: 2.6.12
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
News mentions
0No linked articles in our index yet.