CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/xe/migrate: prevent infinite recursion<br /> <br /> If the buf + offset is not aligned to XE_CAHELINE_BYTES we fallback to<br /> using a bounce buffer. However the bounce buffer here is allocated on<br /> the stack, and the only alignment requirement here is that it&amp;#39;s<br /> naturally aligned to u8, and not XE_CACHELINE_BYTES. If the bounce<br /> buffer is also misaligned we then recurse back into the function again,<br /> however the new bounce buffer might also not be aligned, and might never<br /> be until we eventually blow through the stack, as we keep recursing.<br /> <br /> Instead of using the stack use kmalloc, which should respect the<br /> power-of-two alignment request here. Fixes a kernel panic when<br /> triggering this path through eudebug.<br /> <br /> v2 (Stuart):<br /> - Add build bug check for power-of-two restriction<br /> - s/EINVAL/ENOMEM/<br /> <br /> (cherry picked from commit 38b34e928a08ba594c4bbf7118aa3aadacd62fff)