CVE-2024-50090

5.5 MEDIUM

📋 TL;DR

A buffer overflow vulnerability in the Linux kernel's Intel Xe GPU driver allows local attackers to cause kernel crashes or potentially execute arbitrary code. This affects systems with Intel Lunar Lake or newer Xe2 graphics hardware running vulnerable kernel versions. The vulnerability requires local access to the system.

💻 Affected Systems

Products:
  • Linux kernel with Intel Xe GPU driver (drm/xe)
Versions: Kernel versions containing the vulnerable code up to the fix commit 9ba0e0f30ca42a98af3689460063edfb6315718a
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Intel Lunar Lake (Xe2) or newer graphics hardware with OA (Observability Architecture) metrics enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation leading to full system compromise via kernel code execution.
🟠 Likely Case: Kernel panic or system crash causing denial of service.
🟢 If Mitigated: Limited to denial of service with proper kernel hardening and privilege separation.

🌐 Internet-Facing: LOW - Requires local access to exploit.
🏢 Internal Only: MEDIUM - Local users or compromised accounts could exploit this.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of GPU driver internals. The warning message in logs indicates potential exploitation attempts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel with commit 9ba0e0f30ca42a98af3689460063edfb6315718a or later

Vendor Advisory: https://git.kernel.org/stable/c/6c10ba06bb1b48acce6d4d9c1e33beb9954f1788

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit.
2. For distributions: Use package manager (apt/yum/dnf) to update kernel.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable OA metrics

linux

Prevent reuse of OA batch buffers by disabling observability metrics

echo 0 > /sys/module/xe/parameters/enable_oa

🧯 If You Can't Patch

  • Restrict local user access to systems with vulnerable hardware
  • Monitor kernel logs for the specific warning message and investigate any occurrences

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the system uses Intel Xe2 graphics. Look for kernel log entries containing 'Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commit 9ba0e0f30ca42a98af3689460063edfb6315718a or later

📡 Detection & Monitoring

Log Indicators:

  • [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!
  • kernel panic or oops messages related to drm/xe

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND "Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!"
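
The log indicator above contains backticks and the characters `*`, `+`, `(` and `)`, so it has to be matched as a literal string. The script below is an added example, not part of the original advisory; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the xe batch-buffer assertion in kernel log text.

# Literal string from the advisory. Single quotes are required: inside
# double quotes the shell would run the backticks as command substitution.
XE_ASSERT='Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!'

# Count matching lines on stdin. -F matches the text literally.
# grep exits 1 when nothing matches, so "|| true" keeps callers alive.
xe_assert_count() {
    grep -c -F -- "$XE_ASSERT" || true
}

# Same search without -F, for comparison. As a basic regex, " *" means
# "zero or more spaces", so the literal "len * 4" never matches and the
# indicator is silently missed.
xe_naive_regex_count() {
    grep -c -- "$XE_ASSERT" || true
}

# Print matching lines from the running host's kernel log:
# journalctl -k when available, otherwise dmesg (may need root).
xe_scan_host() {
    if command -v journalctl >/dev/null 2>&1; then
        journalctl -k --no-pager 2>/dev/null
    else
        dmesg 2>/dev/null
    fi | grep -F -- "$XE_ASSERT" || true
}

# Constructed sample log lines (not captured from a real system).
SAMPLE_LOG='[  101.000001] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!
[  101.000050] xe 0000:00:02.0: [drm] constructed unrelated message
[  245.310000] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!
[  300.000000] usb 1-1: new high-speed USB device number 4'

echo "fixed-string hits: $(printf '%s\n' "$SAMPLE_LOG" | xe_assert_count)"
echo "naive regex hits:  $(printf '%s\n' "$SAMPLE_LOG" | xe_naive_regex_count)"
```
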
