CVE-2024-38549: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-38549 affects the Linux kernel's MediaTek DRM driver, specifically the mtkdrmgemobj component. The vulnerability was discovered when it was found that the kernel would panic if a userspace application attempted to allocate a 0x0 GBM buffer, due to missing size validation in the mtkdrmgeminit function. This issue was first reported on June 19, 2024, and affects Linux kernel versions from 4.7 up to versions before 4.19.316, 5.4.278, 5.10.219, and 5.15.161 (NVD).

The vulnerability exists in the mtkdrmgem_init function of the MediaTek DRM driver where there was no validation check for zero-sized GEM object allocations. When a userspace application attempts to allocate a GEM object of 0 bytes, the kernel would panic due to this missing validation. The issue has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a kernel panic when a userspace application attempts to allocate a 0x0 GBM buffer, affecting system availability. The impact is limited to local attacks and requires local user privileges to exploit. There are no reported impacts on confidentiality or integrity of the system (NVD).

The vulnerability has been patched by adding a size validation check in the mtkdrmgem_init function. The fix returns EINVAL when attempting to allocate a GEM object of 0 bytes. The patch has been backported to multiple kernel versions and is available in the kernel versions 4.19.316, 5.4.278, 5.10.219, 5.15.161 and newer (NVD).