
A proof-of-concept (PoC) exploit has been released for a high-severity out-of-bounds write vulnerability in the Linux kernel, identified as CVE-2024-53104. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation.
The flaw stems from improper parsing of UVC_VS_UNDEFINED frames within the uvc_parse_format function. This can cause miscalculation of buffer sizes, leading to out-of-bounds memory writes.
An attacker could exploit this vulnerability by inserting malicious USB devices or manipulating video streams, triggering buffer overflows that overwrite adjacent memory regions.
Successful exploitation could allow an attacker to modify kernel memory, potentially leading to system instability, privilege escalation, or arbitrary code execution.
PoC Released for Linux Kernel Vulnerability
The vulnerability lies in the uvc_parse_format function within the UVC driver (uvc_driver.c). The issue arises when the driver fails to properly skip malformed frames of type UVC_VS_UNDEFINED. This leads to incorrect buffer allocation in uvc_parse_streaming, potentially resulting in memory corruption.
The code before the patch had a while loop that parsed the frame descriptor without proper validation of the frame type. Specifically, the loop condition did not check if ftype was non-zero, which caused the loop to execute even when ftype was UVC_VS_UNDEFINED (0).
This resulted in an incorrect calculation of the frame buffer size and a risk of out-of-bounds writes.
According to the report, the patch adds a check to the while loop condition to ensure that ftype is non-zero before parsing the frame descriptor. This prevents the loop from executing when the frame type is undefined, thus preventing incorrect parsing and out-of-bounds write attempts.
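The loop condition described above, as an added userspace model in C. It is not the kernel's code: frames_sized, frames_parsed, the patched flag and the sample byte arrays are constructed for illustration, and the sizing pass is a simplifying assumption. It only counts descriptors and never writes to a frame array.

```c
#include <stddef.h>
#include <stdio.h>

#define USB_DT_CS_INTERFACE       0x24
#define UVC_VS_UNDEFINED          0x00
#define UVC_VS_FRAME_UNCOMPRESSED 0x05
#define UVC_VS_FRAME_MJPEG        0x07

/* Constructed sample: two header-only descriptors with subtype 0. */
static const unsigned char undefined_frames[] = {
    3, USB_DT_CS_INTERFACE, UVC_VS_UNDEFINED,
    3, USB_DT_CS_INTERFACE, UVC_VS_UNDEFINED,
};
/* Constructed sample: two header-only uncompressed frame descriptors. */
static const unsigned char normal_frames[] = {
    3, USB_DT_CS_INTERFACE, UVC_VS_FRAME_UNCOMPRESSED,
    3, USB_DT_CS_INTERFACE, UVC_VS_FRAME_UNCOMPRESSED,
};

/* Hypothetical sizing pass (assumption): only defined frame subtypes
 * reserve a slot, so subtype 0 descriptors reserve none. */
static int frames_sized(const unsigned char *buf, size_t len)
{
    int n = 0;
    while (len > 2 && buf[0] >= 3 && (size_t)buf[0] <= len) {
        if (buf[1] == USB_DT_CS_INTERFACE &&
            (buf[2] == UVC_VS_FRAME_UNCOMPRESSED || buf[2] == UVC_VS_FRAME_MJPEG))
            n++;
        len -= buf[0];
        buf += buf[0];
    }
    return n;
}

/* Frame loop model: patched != 0 adds the "ftype is non-zero" condition. */
static int frames_parsed(const unsigned char *buf, size_t len, int ftype, int patched)
{
    int n = 0;
    while ((!patched || ftype) && len > 2 && buf[0] >= 3 && (size_t)buf[0] <= len &&
           buf[1] == USB_DT_CS_INTERFACE && buf[2] == ftype) {
        n++;                      /* the driver would fill one frame slot here */
        len -= buf[0];
        buf += buf[0];
    }
    return n;
}

int main(void)
{
    size_t n = sizeof undefined_frames;
    printf("sized=%d unpatched=%d patched=%d\n", frames_sized(undefined_frames, n),
           frames_parsed(undefined_frames, n, UVC_VS_UNDEFINED, 0),
           frames_parsed(undefined_frames, n, UVC_VS_UNDEFINED, 1));
    return 0;
}
```

Without the check, the loop treats both subtype 0 descriptors as frames although no slots were sized for them; with the check it treats none as frames, and well-formed frame descriptors are counted the same either way.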
Mitigations
The vulnerability has a CVSS score of 7.8, indicating a high severity. Google has released patches to address the flaw in its Android operating system.
The Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) list and has mandated that federal agencies apply the patch within three weeks.
Users are advised to update their systems with the latest security patches provided by their Linux distribution maintainers.
The vulnerability affects Linux kernel versions 2.6.26 and later. Applying the patches mitigates the risk of exploitation and ensures system security.
To enhance long-term security, a multi-layered approach, including reviewing USB device usage policies and deploying monitoring tools, is recommended.
Content retrieved from: https://cybersecuritynews.com/poc-exploit-linux-kernel-write-vulnerability/.