5.5
MEDIUM
CVE-2024-38549
Mediatek Linux Kernel Panic in Drupal Due to Unchecked GEM Allocation Size
Description

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer. Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.

INFO

Published Date :

June 19, 2024, 2:15 p.m.

Last Modified :

Aug. 27, 2024, 7:57 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

1.8
Affected Products

The following products are affected by CVE-2024-38549 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-38549.

URL Resource
https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 Patch
https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 Patch
https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 Patch
https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 Patch
https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 Patch
https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 Patch
https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 Patch
https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 Patch
https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 Patch

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-38549 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-38549 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Aug. 27, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 No Types Assigned https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 Patch
    Changed Reference Type https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 No Types Assigned https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 Patch
    Changed Reference Type https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 No Types Assigned https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 Patch
    Changed Reference Type https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 No Types Assigned https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 Patch
    Changed Reference Type https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 No Types Assigned https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 Patch
    Changed Reference Type https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 No Types Assigned https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 Patch
    Changed Reference Type https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 No Types Assigned https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 Patch
    Changed Reference Type https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 No Types Assigned https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 Patch
    Changed Reference Type https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 No Types Assigned https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 Patch
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.7 up to (excluding) 4.19.316 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.278 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.219 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.161 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.93 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.33 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.8.12 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.9 up to (excluding) 6.9.3
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jul. 15, 2024

    Action Type Old Value New Value
    Removed Reference kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jun. 27, 2024

    Action Type Old Value New Value
    Added Reference kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html [No types assigned]
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jun. 19, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer. Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.
    Added Reference kernel.org https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0 [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-38549 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-38549 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: