UBUNTU-CVE-2024-50090

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at each call it appends a MI_BATCH_BUFFER_END, printing the warning below and then overflowing. [ 381.072016] ------------[ cut here ]------------ [ 381.072019] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed! platform: LUNARLAKE subplatform: 1 graphics: Xe2_LPG / Xe2_HPG 20.04 step B0 media: Xe2_LPM / Xe2_HPM 20.00 step B0 tile: 0 VRAM 0 B GT: 0 type 1 So here checking if batch buffer already have MI_BATCH_BUFFER_END if not append it. v2: - simply fix, suggestion from Ashutosh (cherry picked from commit 9ba0e0f30ca42a98af3689460063edfb6315718a)

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux

  < 6.8.0-56.58

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  < 6.8.0-1025.27

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  all

• ubuntu•linux-aws-6.5

  all

• ubuntu•linux-aws-6.8

  < 6.8.0-1027.29~22.04.1

• ubuntu•linux-azure

  all | < 6.8.0-1025.30

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.11

  < 6.11.0-1012.12~24.04.1

• ubuntu•linux-azure-6.2

  all

• ubuntu•linux-azure-6.5

  all

• ubuntu•linux-azure-6.8

  < 6.8.0-1025.30~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  all

• ubuntu•linux-azure-nvidia

  < 6.8.0-1014.15

• ubuntu•linux-fips

  < 6.8.0-78.78+fips1

• ubuntu•linux-gcp

  all | < 6.8.0-1026.28

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.11

  < 6.11.0-1011.11~24.04.1

• ubuntu•linux-gcp-6.2

  all

• ubuntu•linux-gcp-6.5

  all

• ubuntu•linux-gcp-6.8

  < 6.8.0-1026.28~22.04.1

• ubuntu•linux-gke

  all | < 6.8.0-1021.25

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop

  all | < 6.8.0-1008.10

• ubuntu•linux-gkeop-5.15

  all

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  all

• ubuntu•linux-hwe-5.11

  all

• ubuntu•linux-hwe-5.13

  all

• ubuntu•linux-hwe-5.19

  all

• ubuntu•linux-hwe-5.8

  all

Showing first 50 affected entries in server-rendered view.

References (19)

• https://ubuntu.com/security/CVE-2024-50090
• https://www.cve.org/CVERecord?id=CVE-2024-50090
• https://git.kernel.org/linus/6c10ba06bb1b48acce6d4d9c1e33beb9954f1788
• https://git.kernel.org/stable/c/bcb5be3421705e682b0b32073ad627056d6bc2a2
• https://git.kernel.org/stable/c/6c10ba06bb1b48acce6d4d9c1e33beb9954f1788
• https://ubuntu.com/security/notices/USN-7276-1
• https://ubuntu.com/security/notices/USN-7277-1
• https://ubuntu.com/security/notices/USN-7310-1
• https://ubuntu.com/security/notices/USN-7383-1
• https://ubuntu.com/security/notices/USN-7384-1
• https://ubuntu.com/security/notices/USN-7385-1
• https://ubuntu.com/security/notices/USN-7386-1
• https://ubuntu.com/security/notices/USN-7383-2
• https://ubuntu.com/security/notices/USN-7384-2
• https://ubuntu.com/security/notices/USN-7403-1
• https://ubuntu.com/security/notices/USN-7451-1
• https://ubuntu.com/security/notices/USN-7468-1
• https://ubuntu.com/security/notices/USN-7523-1
• https://ubuntu.com/security/notices/USN-7524-1