{"id":"CVE-2024-38549","summary":"drm/mediatek: Add 0 size check to mtk_drm_gem_obj","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL.","modified":"2026-03-20T12:37:05.174284Z","published":"2024-06-19T13:35:22.042Z","related":["MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:2360-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2381-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38549.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594"},{"type":"WEB","url":"https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38549.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38549"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"119f5173628aa7a0c3cf9db83460d40709e8241d"},{"fixed":"79078880795478d551a05acc41f957700030d364"},{"fixed":"be34a1b351ea7faeb15dde8c44fe89de3980ae67"},{"fixed":"d17b75ee9c2e44d3a3682c4ea5ab713ea6073350"},{"fixed":"0e3b6f9123726858cac299e1654e3d20424cabe4"},{"fixed":"13562c2d48c9ee330de1077d00146742be368f05"},{"fixed":"af26ea99019caee1500bf7e60c861136c0bf8594"},{"fixed":"9489951e3ae505534c4013db4e76b1b5a3151ac7"},{"fixed":"fb4aabdb1b48c25d9e1ee28f89440fd2ce556405"},{"fixed":"1e4350095e8ab2577ee05f8c3b044e661b5af9a0"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38549.json"}}],"schema_version":"1.7.5"}