Vulnerabilities > CVE-2024-38549 - Unspecified vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer. Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.
Vulnerable Configurations
References
- https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364
- https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67
- https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350
- https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4
- https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05
- https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594
- https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7
- https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405
- https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0