Safeguard for Privileged Sessions versions, 7.5.x and 8.x are affected by the In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
More information about this vulnerability can be found at:
https://nvd.nist.gov/vuln/detail/CVE-2024-53150
https://nvd.nist.gov/vuln/detail/CVE-2024-53197
This is an industry-wide vulnerability and is not specific to One Identity Safeguard for Privileged Sessions.
No version of SPS is vulnerable to CVE-2024-53197 & CVE-2024-53150, as this vulnerability relies on a USB audio driver, which is not included in SPS.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center