CVE - CVE-2024-38549

CVE-ID
CVE-2024-38549	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer. Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 URL:https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 MISC:https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 URL:https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 MISC:https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 URL:https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 MISC:https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 URL:https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 MISC:https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 URL:https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 MISC:https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 URL:https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 MISC:https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 URL:https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 MISC:https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 URL:https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 MISC:https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 URL:https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Assigning CNA
kernel.org
Date Record Created
20240618	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240618)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.