EUVD-2025-26789

Malicious code in bioql PyPI...

media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()

...

DEBIAN-CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

CLSA-2025-1739525872 Fix CVE(s): CVE-2024-53104

CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...

The vulnerability of the uvc_parse_format() function in the drivers/media/usb/uvc/uvc_driver.c file of the Linux operating system’s UVC driver kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the uvcparseformat function in the drivers/media/usb/uvc/uvcdriver.c file, a part of the Linux kernel’s USB Video Class UVC driver, relates to memory access beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

DEBIAN-CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...