CVE-2025-39741

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/xe/migrate: don&amp;#39;t overflow max copy size<br /> <br /> With non-page aligned copy, we need to use 4 byte aligned pitch, however<br /> the size itself might still be close to our maximum of ~8M, and so the<br /> dimensions of the copy can easily exceed the S16_MAX limit of the copy<br /> command leading to the following assert:<br /> <br /> xe 0000:03:00.0: [drm] Assertion `size / pitch &gt; 1))` failed!<br /> platform: BATTLEMAGE subplatform: 1<br /> graphics: Xe2_HPG 20.01 step A0<br /> media: Xe2_HPM 13.01 step A1<br /> tile: 0 VRAM 10.0 GiB<br /> GT: 0 type 1<br /> <br /> WARNING: CPU: 23 PID: 10605 at drivers/gpu/drm/xe/xe_migrate.c:673 emit_copy+0x4b5/0x4e0 [xe]<br /> <br /> To fix this account for the pitch when calculating the number of current<br /> bytes to copy.<br /> <br /> (cherry picked from commit 8c2d61e0e916e077fda7e7b8e67f25ffe0f361fc)