cve-2024-50111
Vulnerability from cvelistv5
Published
2024-11-05 17:10
Modified
2024-12-19 09:33
Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
Unaligned access exception can be triggered in irq-enabled context such
as user mode, in this case do_ale() may call get_user() which may cause
sleep. Then we will get:
BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe
preempt_count: 0, expected: 0
RCU nest depth: 0, expected: 0
CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723
Tainted: [W]=WARN
Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000
9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000
9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890
ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500
000000000000020c 000000000000000a 0000000000000000 0000000000000003
00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260
0000000000000000 0000000000000000 9000000005437650 90000000055d5000
0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000
0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec
00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d
...
Call Trace:
[<9000000003803964>] show_stack+0x64/0x1a0
[<9000000004c57464>] dump_stack_lvl+0x74/0xb0
[<9000000003861ab4>] __might_resched+0x154/0x1a0
[<900000000380c96c>] emulate_load_store_insn+0x6c/0xf60
[<9000000004c58118>] do_ale+0x78/0x180
[<9000000003801bc8>] handle_ale+0x128/0x1e0
So enable IRQ if unaligned access exception is triggered in irq-enabled
context to fix it.
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/loongarch/kernel/traps.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8915ed160dbd32b5ef5864df9a9fc11db83a77bb",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
},
{
"lessThan": "afbfb3568d78082078acc8bb2b29bb47af87253c",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
},
{
"lessThan": "69cc6fad5df4ce652d969be69acc60e269e5eea1",
"status": "affected",
"version": "fa96b57c149061f71a70bd6582d995f6424fbbf4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/loongarch/kernel/traps.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.59",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable IRQ if do_ale() triggered in irq-enabled context\n\nUnaligned access exception can be triggered in irq-enabled context such\nas user mode, in this case do_ale() may call get_user() which may cause\nsleep. Then we will get:\n\n BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7\n in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe\n preempt_count: 0, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723\n Tainted: [W]=WARN\n Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000\n 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000\n 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890\n ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500\n 000000000000020c 000000000000000a 0000000000000000 0000000000000003\n 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260\n 0000000000000000 0000000000000000 9000000005437650 90000000055d5000\n 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000\n 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec\n 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d\n ...\n Call Trace:\n [\u003c9000000003803964\u003e] show_stack+0x64/0x1a0\n [\u003c9000000004c57464\u003e] dump_stack_lvl+0x74/0xb0\n [\u003c9000000003861ab4\u003e] __might_resched+0x154/0x1a0\n [\u003c900000000380c96c\u003e] emulate_load_store_insn+0x6c/0xf60\n [\u003c9000000004c58118\u003e] do_ale+0x78/0x180\n [\u003c9000000003801bc8\u003e] handle_ale+0x128/0x1e0\n\nSo enable IRQ if unaligned access exception is triggered in irq-enabled\ncontext to fix it."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T09:33:18.897Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8915ed160dbd32b5ef5864df9a9fc11db83a77bb"
},
{
"url": "https://git.kernel.org/stable/c/afbfb3568d78082078acc8bb2b29bb47af87253c"
},
{
"url": "https://git.kernel.org/stable/c/69cc6fad5df4ce652d969be69acc60e269e5eea1"
}
],
"title": "LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context",
"x_generator": {
"engine": "bippy-5f407fcff5a0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-50111",
"datePublished": "2024-11-05T17:10:43.981Z",
"dateReserved": "2024-10-21T19:36:19.947Z",
"dateUpdated": "2024-12-19T09:33:18.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-50111\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-05T18:15:14.433\",\"lastModified\":\"2024-11-08T20:32:08.217\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nLoongArch: Enable IRQ if do_ale() triggered in irq-enabled context\\n\\nUnaligned access exception can be triggered in irq-enabled context such\\nas user mode, in this case do_ale() may call get_user() which may cause\\nsleep. Then we will get:\\n\\n BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7\\n in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe\\n preempt_count: 0, expected: 0\\n RCU nest depth: 0, expected: 0\\n CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723\\n Tainted: [W]=WARN\\n Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000\\n 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000\\n 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890\\n ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500\\n 000000000000020c 000000000000000a 0000000000000000 0000000000000003\\n 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260\\n 0000000000000000 0000000000000000 9000000005437650 90000000055d5000\\n 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000\\n 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec\\n 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d\\n ...\\n Call Trace:\\n [\u003c9000000003803964\u003e] show_stack+0x64/0x1a0\\n [\u003c9000000004c57464\u003e] dump_stack_lvl+0x74/0xb0\\n [\u003c9000000003861ab4\u003e] __might_resched+0x154/0x1a0\\n [\u003c900000000380c96c\u003e] emulate_load_store_insn+0x6c/0xf60\\n [\u003c9000000004c58118\u003e] do_ale+0x78/0x180\\n [\u003c9000000003801bc8\u003e] handle_ale+0x128/0x1e0\\n\\nSo enable IRQ if unaligned access exception is triggered in irq-enabled\\ncontext to fix it.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: LoongArch: Habilitar IRQ si do_ale() se activa en un contexto habilitado para irq. La excepci\u00f3n de acceso no alineado se puede activar en un contexto habilitado para irq, como el modo de usuario; en este caso, do_ale() puede llamar a get_user(), lo que puede provocar una suspensi\u00f3n. Entonces obtendremos: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en arch/loongarch/kernel/access-helper.h:7 in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, nombre: modprobe preempt_count: 0, esperado: 0 Profundidad de anidaci\u00f3n de RCU: 0, esperado: 0 CPU: 0 UID: 0 PID: 129 Comm: modprobe Contaminado: GW 6.12.0-rc1+ #1723 Contaminado: [W]=WARN Pila: 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000 9000000105e0bc70 9000000105e0bc78 000000000000000 0000000000000000 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890 ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500 000000000000020c 00000000000000a 0000000000000000 000000000000003 000000000000023f0 000000000000e1401 00000000072f8000 0000007ffbb0e260 0000000000000000 000000000000000 9000000005437650 90000000055d5000 0000000000000000 0000000000000003 0000007ffbb0e1f0 000000000000000 000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec 000000000000000b0 0000000000000007 0000000000000003 0000000000071c1d ... Seguimiento de llamadas: [\u0026lt;9000000003803964\u0026gt;] show_stack+0x64/0x1a0 [\u0026lt;9000000004c57464\u0026gt;] dump_stack_lvl+0x74/0xb0 [\u0026lt;9000000003861ab4\u0026gt;] __might_resched+0x154/0x1a0 [\u0026lt;900000000380c96c\u0026gt;] emulate_load_store_insn+0x6c/0xf60 [\u0026lt;9000000004c58118\u0026gt;] do_ale+0x78/0x180 [\u0026lt;9000000003801bc8\u0026gt;] handle_ale+0x128/0x1e0 Entonces habilite IRQ si se activa una excepci\u00f3n de acceso no alineado en un contexto habilitado para irq para solucionarlo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.6.59\",\"matchCriteriaId\":\"1F471FD6-0481-4141-8A03-00D7CE67C49C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.6\",\"matchCriteriaId\":\"E4486B12-007B-4794-9857-F07145637AA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/69cc6fad5df4ce652d969be69acc60e269e5eea1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8915ed160dbd32b5ef5864df9a9fc11db83a77bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/afbfb3568d78082078acc8bb2b29bb47af87253c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.