CVE-2024-50108: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too
Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING [1] traces when calling dmub_psr_enable() with Parade 08-01 TCON. These symptoms all go away with PSR-SU disabled for this TCON, so disable it for now while DMUB traces [2] from the failure can be analyzed and the failure state properly root caused.
(cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b)
AI Analysis
Technical Summary
CVE-2024-50108 is a vulnerability identified in the Linux kernel specifically related to the Direct Rendering Manager (DRM) AMD display driver subsystem. The issue arises with the Panel Self Refresh - Sub-Update (PSR-SU) feature when used with the Parade 08-01 Timing Controller (TCON). PSR-SU is a power-saving feature designed to reduce power consumption by allowing the display panel to refresh itself without continuous input from the GPU. Stuart Hayhurst discovered that enabling PSR-SU on systems using the Parade 08-01 TCON causes black screen flashes lasting approximately one second during bootup and fullscreen video playback via the Video Acceleration API (VA-API). Additionally, kernel warning traces are generated when the function dmub_psr_enable() is called, indicating instability or malfunction in the display driver stack. The immediate mitigation implemented was to disable PSR-SU for the Parade 08-01 TCON to prevent these symptoms while further analysis of DMUB (Display Microcontroller Unit B) traces is conducted to identify the root cause. This vulnerability does not appear to be exploitable for code execution or privilege escalation but affects system stability and user experience by causing temporary display blackouts and kernel warnings. The affected Linux kernel versions include those containing the commit identified by hash 9dd941015718c1387d6f7f61bd4394d38d273c50. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability is primarily a reliability and availability issue impacting graphical display functionality on affected hardware configurations.
Potential Impact
For European organizations, the impact of CVE-2024-50108 is primarily on system availability and user productivity rather than direct security compromise. Organizations using Linux systems with AMD GPUs paired with Parade 08-01 TCON hardware for display output may experience intermittent black screen flashes during boot or fullscreen video playback, which could disrupt operations, especially in environments relying on video conferencing, digital signage, or multimedia processing. The kernel warnings may also complicate system monitoring and troubleshooting efforts. While this vulnerability does not expose systems to remote code execution or data breaches, the degraded user experience and potential for system instability could affect sectors such as media production, broadcasting, and any industry relying on Linux-based workstations or servers with graphical output. The lack of known exploits reduces immediate risk, but organizations should remain vigilant and apply patches or mitigations promptly to maintain system reliability.
Mitigation Recommendations
To mitigate CVE-2024-50108, European organizations should:
1) Identify Linux systems utilizing AMD GPUs with Parade 08-01 TCON hardware by auditing hardware inventory and driver configurations.
2) Apply the latest Linux kernel updates that include the patch disabling PSR-SU for the affected TCON, as indicated by the commit referenced in the advisory.
3) Temporarily disable PSR-SU manually if kernel updates are not immediately available, by configuring DRM or kernel parameters to prevent enabling PSR-SU on the Parade 08-01 TCON.
4) Monitor system logs for kernel warnings related to dmub_psr_enable() to detect any residual issues.
5) Coordinate with hardware vendors and Linux distribution maintainers for updates and further guidance.
6) Test critical systems after patching to ensure that disabling PSR-SU does not adversely affect other display functionalities.
7) Maintain robust backup and recovery procedures to minimize downtime in case of display-related failures.
These steps go beyond generic patching advice by focusing on hardware-specific identification and configuration adjustments.
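For the log-monitoring step, an added example (not part of the advisory or of the kernel project): a Python filter that groups dmesg-style output into WARNING blocks and reports those whose trace mentions dmub_psr_enable, including a trace cut off before its end marker. The log excerpt is constructed, with placeholder paths, offsets and PIDs, and the parser assumes dmesg's `[seconds.micros]` timestamp prefix.

```python
import re

# Constructed dmesg-style excerpt; paths, offsets and PIDs are placeholders.
SAMPLE_LOG = """\
[    4.212000] ------------[ cut here ]------------
[    4.212004] WARNING: CPU: 3 PID: 201 at constructed/path.c:1 constructed_fn+0x10/0x20 [amdgpu]
[    4.212050] Call Trace:
[    4.212061]  dmub_psr_enable+0x5c/0x110 [amdgpu]
[    4.212090] ---[ end trace 0000000000000000 ]---
[   30.500000] ------------[ cut here ]------------
[   30.500003] WARNING: CPU: 0 PID: 77 at constructed/other.c:9 unrelated_fn+0x4/0x8
[   30.500020] ---[ end trace 0000000000000000 ]---
[   91.700000] ------------[ cut here ]------------
[   91.700002] WARNING: CPU: 1 PID: 950 at constructed/path.c:1 constructed_fn+0x10/0x20 [amdgpu]
[   91.700040]  dmub_psr_enable+0x5c/0x110 [amdgpu]
"""

LINE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s?(?P<msg>.*)$")
SYMBOL = re.compile(r"\bdmub_psr_enable\b")  # function named in the advisory

def split_warning_blocks(log_text):
    """Group lines between 'cut here' and 'end trace' markers into blocks."""
    blocks, current = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a timestamped kernel line
        ts, msg = float(m.group("ts")), m.group("msg")
        if "[ cut here ]" in msg:
            current = {"start": ts, "lines": [], "complete": False}
            blocks.append(current)  # appended now so a truncated trace is kept
        elif current is not None:
            current["lines"].append(msg)
            if msg.startswith("---[ end trace"):
                current["complete"] = True
                current = None
    return blocks

def find_psr_warnings(log_text):
    """Return (start_ts, complete, warning_line) for blocks naming the symbol."""
    hits = []
    for b in split_warning_blocks(log_text):
        head = next((l for l in b["lines"] if l.startswith("WARNING:")), None)
        if head and any(SYMBOL.search(l) for l in b["lines"]):
            hits.append((b["start"], b["complete"], head))
    return hits
```

Run it over the kernel log before and after the kernel update; a patched system with the affected TCON should return an empty list.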
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-10-21T19:36:19.947Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682cd0fa1484d88663aec075
Added to database: 5/20/2025, 6:59:06 PM
Last enriched: 7/4/2025, 5:42:45 AM
Last updated: 8/14/2025, 10:43:30 PM