CVE-2024-38549

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: Add 0 size check to mtk_drm_gem_obj

Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer.

Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < 79078880795478d551a05acc41f957700030d364affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < be34a1b351ea7faeb15dde8c44fe89de3980ae67affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < d17b75ee9c2e44d3a3682c4ea5ab713ea6073350affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < 0e3b6f9123726858cac299e1654e3d20424cabe4affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < 13562c2d48c9ee330de1077d00146742be368f05affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < af26ea99019caee1500bf7e60c861136c0bf8594affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < 9489951e3ae505534c4013db4e76b1b5a3151ac7affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < fb4aabdb1b48c25d9e1ee28f89440fd2ce556405affected
LinuxLinux119f5173628aa7a0c3cf9db83460d40709e8241d < 1e4350095e8ab2577ee05f8c3b044e661b5af9a0affected
LinuxLinux4.7affected
LinuxLinux0 < 4.7unaffected
LinuxLinux4.19.316 <= 4.19.*unaffected
LinuxLinux5.4.278 <= 5.4.*unaffected
LinuxLinux5.10.219 <= 5.10.*unaffected
LinuxLinux5.15.161 <= 5.15.*unaffected
LinuxLinux6.1.93 <= 6.1.*unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.8.12 <= 6.8.*unaffected
LinuxLinux6.9.3 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References