Ubuntu: (Multiple Advisories) (CVE-2024-38549): Linux kernel vulnerabilities
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
06/19/2024
08/10/2024
08/09/2024
08/15/2024
Description
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to allocate a 0x0 GBM buffer. Tested by attempting to allocate a 0x0 GBM buffer on an MT8188 and verifying that we now return EINVAL.
Solution(s)
- ubuntu-upgrade-linux-image-5-4-0-1042-iot
- ubuntu-upgrade-linux-image-5-4-0-1049-xilinx-zynqmp
- ubuntu-upgrade-linux-image-5-4-0-1077-ibm
- ubuntu-upgrade-linux-image-5-4-0-1097-gkeop
- ubuntu-upgrade-linux-image-5-4-0-1114-raspi
- ubuntu-upgrade-linux-image-5-4-0-1118-kvm
- ubuntu-upgrade-linux-image-5-4-0-1129-oracle
- ubuntu-upgrade-linux-image-5-4-0-1130-aws
- ubuntu-upgrade-linux-image-5-4-0-1134-gcp
- ubuntu-upgrade-linux-image-5-4-0-1135-azure
- ubuntu-upgrade-linux-image-5-4-0-192-generic
- ubuntu-upgrade-linux-image-5-4-0-192-generic-lpae
- ubuntu-upgrade-linux-image-5-4-0-192-lowlatency
- ubuntu-upgrade-linux-image-6-8-0-1008-gke
- ubuntu-upgrade-linux-image-6-8-0-1009-raspi
- ubuntu-upgrade-linux-image-6-8-0-1010-ibm
- ubuntu-upgrade-linux-image-6-8-0-1010-oem
- ubuntu-upgrade-linux-image-6-8-0-1010-oracle
- ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k
- ubuntu-upgrade-linux-image-6-8-0-1011-nvidia
- ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k
- ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency
- ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k
- ubuntu-upgrade-linux-image-6-8-0-1012-gcp
- ubuntu-upgrade-linux-image-6-8-0-1013-aws
- ubuntu-upgrade-linux-image-6-8-0-40-generic
- ubuntu-upgrade-linux-image-6-8-0-40-generic-64k
- ubuntu-upgrade-linux-image-6-8-0-40-lowlatency
- ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k
- ubuntu-upgrade-linux-image-aws
- ubuntu-upgrade-linux-image-aws-lts-20-04
- ubuntu-upgrade-linux-image-azure-lts-20-04
- ubuntu-upgrade-linux-image-gcp
- ubuntu-upgrade-linux-image-gcp-lts-20-04
- ubuntu-upgrade-linux-image-generic
- ubuntu-upgrade-linux-image-generic-64k
- ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
- ubuntu-upgrade-linux-image-generic-hwe-18-04
- ubuntu-upgrade-linux-image-generic-hwe-24-04
- ubuntu-upgrade-linux-image-generic-lpae
- ubuntu-upgrade-linux-image-gke
- ubuntu-upgrade-linux-image-gkeop
- ubuntu-upgrade-linux-image-gkeop-5-4
- ubuntu-upgrade-linux-image-ibm
- ubuntu-upgrade-linux-image-ibm-classic
- ubuntu-upgrade-linux-image-ibm-lts-20-04
- ubuntu-upgrade-linux-image-ibm-lts-24-04
- ubuntu-upgrade-linux-image-kvm
- ubuntu-upgrade-linux-image-lowlatency
- ubuntu-upgrade-linux-image-lowlatency-64k
- ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
- ubuntu-upgrade-linux-image-nvidia
- ubuntu-upgrade-linux-image-nvidia-6-8
- ubuntu-upgrade-linux-image-nvidia-64k
- ubuntu-upgrade-linux-image-nvidia-64k-6-8
- ubuntu-upgrade-linux-image-nvidia-lowlatency
- ubuntu-upgrade-linux-image-nvidia-lowlatency-64k
- ubuntu-upgrade-linux-image-oem
- ubuntu-upgrade-linux-image-oem-24-04
- ubuntu-upgrade-linux-image-oem-24-04a
- ubuntu-upgrade-linux-image-oem-osp1
- ubuntu-upgrade-linux-image-oracle
- ubuntu-upgrade-linux-image-oracle-64k
- ubuntu-upgrade-linux-image-oracle-lts-20-04
- ubuntu-upgrade-linux-image-raspi
- ubuntu-upgrade-linux-image-raspi2
- ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
- ubuntu-upgrade-linux-image-virtual
- ubuntu-upgrade-linux-image-virtual-hwe-18-04
- ubuntu-upgrade-linux-image-virtual-hwe-24-04
- ubuntu-upgrade-linux-image-xilinx-zynqmp
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center