ghsa-w824-fqw5-9rp4
Vulnerability from github
Published
2024-11-05 18:32
Modified
2024-11-08 21:33
Details

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context

Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause sleep. Then we will get:

BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7 in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe preempt_count: 0, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723 Tainted: [W]=WARN Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890 ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500 000000000000020c 000000000000000a 0000000000000000 0000000000000003 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260 0000000000000000 0000000000000000 9000000005437650 90000000055d5000 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d ... Call Trace: [<9000000003803964>] show_stack+0x64/0x1a0 [<9000000004c57464>] dump_stack_lvl+0x74/0xb0 [<9000000003861ab4>] __might_resched+0x154/0x1a0 [<900000000380c96c>] emulate_load_store_insn+0x6c/0xf60 [<9000000004c58118>] do_ale+0x78/0x180 [<9000000003801bc8>] handle_ale+0x128/0x1e0

So enable IRQ if unaligned access exception is triggered in irq-enabled context to fix it.

Show details on source website


{
  "affected": [],
  "aliases": [
    "CVE-2024-50111"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-05T18:15:14Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable IRQ if do_ale() triggered in irq-enabled context\n\nUnaligned access exception can be triggered in irq-enabled context such\nas user mode, in this case do_ale() may call get_user() which may cause\nsleep. Then we will get:\n\n BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7\n in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe\n preempt_count: 0, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G        W          6.12.0-rc1+ #1723\n Tainted: [W]=WARN\n Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000\n         9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000\n         9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890\n         ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500\n         000000000000020c 000000000000000a 0000000000000000 0000000000000003\n         00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260\n         0000000000000000 0000000000000000 9000000005437650 90000000055d5000\n         0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000\n         0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec\n         00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d\n         ...\n Call Trace:\n [\u003c9000000003803964\u003e] show_stack+0x64/0x1a0\n [\u003c9000000004c57464\u003e] dump_stack_lvl+0x74/0xb0\n [\u003c9000000003861ab4\u003e] __might_resched+0x154/0x1a0\n [\u003c900000000380c96c\u003e] emulate_load_store_insn+0x6c/0xf60\n [\u003c9000000004c58118\u003e] do_ale+0x78/0x180\n [\u003c9000000003801bc8\u003e] handle_ale+0x128/0x1e0\n\nSo enable IRQ if unaligned access exception is triggered in irq-enabled\ncontext to fix it.",
  "id": "GHSA-w824-fqw5-9rp4",
  "modified": "2024-11-08T21:33:53Z",
  "published": "2024-11-05T18:32:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50111"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/69cc6fad5df4ce652d969be69acc60e269e5eea1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8915ed160dbd32b5ef5864df9a9fc11db83a77bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/afbfb3568d78082078acc8bb2b29bb47af87253c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.