CVE-2024-50090: 
Linux Debian vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50090) has been identified and resolved in the drm/xe/oa component, specifically related to a buffer overflow issue. The vulnerability was discovered in the batch buffer handling mechanism where xebbcreatejob() by default appends a MIBATCHBUFFEREND to the batch buffer. While this works correctly for single-use buffers, it causes an overflow when the batch buffer is reused for the same metric, as it repeatedly appends MIBATCHBUFFER_END at each call (Kernel Patch).

The vulnerability manifests when the batch buffer is reused for the same metric, causing multiple MIBATCHBUFFEREND commands to be appended, leading to a buffer overflow condition. This results in an assertion failure: 'bb->len * 4 + bbprefetch(q->gt) <= size'. The issue affects systems running the Linux kernel with the Xe graphics driver, particularly on platforms like LUNARLAKE with Xe2LPG / Xe2HPG graphics (NVD). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

The vulnerability can lead to a buffer overflow condition in the kernel's graphics subsystem, potentially causing system crashes or denial of service. The issue specifically affects the operation of the Xe graphics driver's OA (Output Analysis) functionality (Kernel Patch).

The vulnerability has been patched in the Linux kernel by modifying the xebbcreatejob() function to check if the batch buffer already has MIBATCHBUFFEREND before appending it. The fix involves adding a condition to verify the buffer's current state: 'if (bb->len == 0 || bb->cs[bb->len - 1] != MIBATCHBUFFEREND)' before appending the MIBATCHBUFFEREND command (Kernel Patch).