CVE-2024-46709: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46709 affects the Linux kernel's DRM/VMWare graphics driver (vmwgfx). The vulnerability was discovered in the handling of external buffers in the prime functionality, where buffer mapping was not properly going through the dma_buf interface. This issue was disclosed on September 13, 2024, affecting Linux kernel versions from 6.6.29 up to 6.10.8 (NVD).

The vulnerability exists in the vmwgfx driver's buffer handling mechanism where external buffers were being accessed directly instead of through the proper dmabuf interface. External buffers might not provide direct access to readable/writable pages, necessitating the use of the dmabuf interface for proper buffer access. The issue has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can cause system crashes when using IGT's kms_prime with vgem. However, regular desktop usage is not affected as virtual machines typically do not have multiple GPUs. The primary impact is on testing coverage in IGT rather than normal operation (Kernel Patch).

The issue has been fixed in the Linux kernel through a patch that ensures external buffer mapping goes through the dma_buf interface instead of attempting direct page access. The fix has been implemented in various kernel versions including 6.8.0-50.51 for Ubuntu 24.04 LTS and corresponding versions for other distributions (Ubuntu).