Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has identified two newly discovered Linux kernel vulnerabilities, CVE-2024-53197 and CVE-2024-53150, which are actively being weaponized. These vulnerabilities are part of a zero-day exploit chain allegedly utilized by Cellebrite and Serbian law enforcement to unlock Android devices. CISA has mandated that federal agencies patch affected systems by April 30, 2025, underlining the significant risks posed by these flaws.
Affected: Federal Civilian Executive Branch (FCEB) agencies
Key points:
- CVE-2024-53197 is a high-severity out-of-bounds access vulnerability in the Linux USB-audio driver.
- CVE-2024-53150 allows local attackers to leak sensitive data without user interaction.
- Both vulnerabilities are part of an exploit chain that facilitates the forcible unlocking of Android devices.
- CISA’s directive requires all FCEB agencies to patch systems by April 30, 2025.
- The vulnerabilities highlight the risks associated with USB attack surfaces for mobile devices.