CVE-2024-58002

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's UVC (USB Video Class) video driver: when a file descriptor is closed while an asynchronous control operation is still in flight, the driver is left holding dangling pointers. An attacker could potentially exploit this to crash the kernel or execute arbitrary code. All Linux systems running the affected UVC driver are affected.

💻 Affected Systems

Products:
  • Linux kernel with UVC video driver
Versions: Specific affected kernel versions not specified in CVE description; check kernel commit history for exact ranges.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires UVC-compatible USB video device to trigger the vulnerability; systems without such devices are not vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash or potential arbitrary code execution with kernel privileges, resulting in complete system compromise.

🟠 Likely Case

System instability, kernel crashes, or denial of service affecting video functionality and potentially the entire system.

🟢 If Mitigated

Minimal impact with proper patching; systems remain stable with no security risk.

🌐 Internet-Facing: LOW - Requires local access to exploit via USB video device interaction.
🏢 Internal Only: MEDIUM - Local attackers with physical or remote shell access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and interaction with USB video devices; timing and memory manipulation needed for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the following commits:
  • 117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50
  • 221cd51efe4565501a3dbf04cc011b537dcce7fb
  • 2a29413ace64627e178fd422dd8a5d95219a2c0b
  • 438bda062b2c40ddd7df23b932e29ffe0a448cac
  • 4dbaa738c583a0e947803c69e8996e88cf98d971

Vendor Advisory: https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50

Restart Required: Yes

Instructions:

1. Update the Linux kernel to the patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

Disable UVC video driver (Linux)

Prevent loading of the vulnerable UVC driver module. Blacklisting only stops automatic loading by device alias, and rmmod fails while a process still has the device open.

echo 'blacklist uvcvideo' >> /etc/modprobe.d/blacklist-uvc.conf
rmmod uvcvideo

Restrict USB device access (Linux)

Limit which users can access USB video devices. Note that udev recreates the /dev/video* nodes with the permissions its rules specify whenever the device is re-enumerated, so a plain chmod does not survive a replug or reboot.

chmod 600 /dev/video*
setfacl -m u:username:rw /dev/video*

🧯 If You Can't Patch

  • Restrict physical access to USB ports to prevent malicious device insertion
  • Implement strict user privilege separation to limit who can access video devices

🔍 How to Verify

Check if Vulnerable:

Check whether the UVC driver is loaded:

lsmod | grep uvcvideo

If it is loaded and the kernel version is unpatched, the system is vulnerable. On kernels where the driver is built in rather than modular (CONFIG_USB_VIDEO_CLASS=y) lsmod will not list it, so check the kernel configuration instead.

Check Version:

uname -r

Verify Fix Applied:

Confirm that the running kernel contains the fix commits listed above, or that it is at or newer than the patched version shipped by your distribution. Distributions often backport fixes without changing the upstream version string, so check the package changelog rather than relying on uname -r alone.

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages in /var/log/kern.log or dmesg
  • System crashes or instability when using USB video devices

Network Indicators:

  • No network indicators - local vulnerability only

SIEM Query:

source="kernel" AND ("uvcvideo" OR "use-after-free" OR "kernel panic")
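The "Check if Vulnerable" step and the log indicators above can be scripted. The following Python is an added example, not part of this advisory or of the kernel project: the /proc/modules and kernel-log excerpts are constructed, and the uvc_* frame names are assumed to follow uvcvideo's symbol naming.

```python
import re

# Constructed /proc/modules and kernel-log excerpts, not captured from a real host.
# The KASAN report layout follows the kernel's real format; addresses and offsets are made up.
SAMPLE_PROC_MODULES = """\
uvcvideo 118784 0 - Live 0xffffffffc0a00000
videobuf2_vmalloc 20480 1 uvcvideo, Live 0xffffffffc09f0000
"""
SAMPLE_KLOG = """\
[ 1021.700123] uvcvideo: Found UVC 1.00 device Integrated Camera (04f2:b5ab)
[ 1030.100455] BUG: KASAN: slab-use-after-free in __list_del_entry_valid+0x4c/0xd0
[ 1030.100488] Call Trace:
[ 1030.100490]  __list_del_entry_valid+0x4c/0xd0
[ 1030.100492]  uvc_ctrl_status_event_work+0x1c4/0x2a0 [uvcvideo]
[ 1030.100520] Freed by task 2041:
[ 1030.100522]  uvc_v4l2_release+0x13a/0x1c0 [uvcvideo]
[ 1100.000001] BUG: KASAN: slab-use-after-free in tcp_write_timer+0x1b/0x2c0
[ 1100.000010] Call Trace:
[ 1100.000012]  tcp_write_timer+0x1b/0x2c0
"""

REPORT_START = re.compile(r"BUG: KASAN: \S*use-after-free|general protection fault|\bOops:")
UVC_FRAME = re.compile(r"\b(uvc_\w+)\+0x[0-9a-f]+/0x[0-9a-f]+ \[uvcvideo\]")
TIMESTAMP = re.compile(r"^\[\s*([\d.]+)\]")

def uvc_module_loaded(proc_modules_text):
    """True if uvcvideo is listed in /proc/modules (same check as lsmod | grep uvcvideo)."""
    return any(ln.split(" ", 1)[0] == "uvcvideo" for ln in proc_modules_text.splitlines())

def find_uvc_memory_faults(klog, window=25):
    """Return (timestamp, report header, first uvcvideo frame) for each memory-safety report
    whose backtrace reaches uvcvideo; the header often names a generic helper, not the driver."""
    lines = klog.splitlines()
    hits = []
    for i, line in enumerate(lines):
        if not REPORT_START.search(line):
            continue
        frame = None
        for follow in lines[i + 1:i + 1 + window]:
            if REPORT_START.search(follow):  # next report starts; stop attributing to this one
                break
            m = UVC_FRAME.search(follow)
            if m:
                frame = m.group(1)
                break
        if frame:
            ts = TIMESTAMP.match(line)
            hits.append((ts.group(1) if ts else None, line.split("] ", 1)[-1], frame))
    return hits
```

Feed it the real /proc/modules and dmesg output to get the same two answers for a live host; a hit means the driver, not just the kernel, was on the faulting path.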
