CVE-2024-53203

Published: Dic 27, 2024 Last Modified: Nov 03, 2025 EU-VD ID: EUVD-2024-51875
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: fix potential array underflow in ucsi_ccg_sync_control()

The 'command' variable can be controlled by the user via debugfs. The
worry is that if con_index is zero then '&uc->ucsi->connector[con_index
- 1]' would be an array underflow.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0006
Percentile
0,2th
Updated

EPSS Score Trend (Last 91 Days)

129

Improper Validation of Array Index

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Modify Memory Read Memory Execute Unauthorized Code Or Commands
Applicable Platforms
Languages: C, C++, Not Language-Specific
Likelihood of Exploit: High
View CWE Details
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.12 (inclusive)
To 6.12.2 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 5.6 (inclusive)
To 6.11.11 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://git.kernel.org/stable/c/0e66fd8e5a2e45c7dacfc9178ba…
https://git.kernel.org/stable/c/0e66fd8e5a2e45c7dacfc9178ba702153f4a61a8
https://git.kernel.org/stable/c/56971710cd541f2f05160a84b31…
https://git.kernel.org/stable/c/56971710cd541f2f05160a84b3183477d34a1be9
https://git.kernel.org/stable/c/627c2a5056aba42a8a96a8fffe8…
https://git.kernel.org/stable/c/627c2a5056aba42a8a96a8fffe8996aeccf919a9
https://git.kernel.org/stable/c/e15fd96c0b701c53f9006bcc836…
https://git.kernel.org/stable/c/e15fd96c0b701c53f9006bcc836eaeb35a05a023
https://git.kernel.org/stable/c/e44189455c62469eb91d383ce91…
https://git.kernel.org/stable/c/e44189455c62469eb91d383ce9103d54c1f807a3
https://git.kernel.org/stable/c/e56aac6e5a25630645607b6856d…
https://git.kernel.org/stable/c/e56aac6e5a25630645607b6856d4b2a17b2311a5
https://git.kernel.org/stable/c/ef92cd55289a282910575c5b9d8…
https://git.kernel.org/stable/c/ef92cd55289a282910575c5b9d87f646f2d39b38
https://lists.debian.org/debian-lts-announce/2025/08/msg000…
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
https://lists.debian.org/debian-lts-announce/2025/10/msg000…
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html