CVE-2024-38667: 
CBL Mariner vulnerability analysis and mitigation

CVE-2024-38667 is a vulnerability discovered in the Linux kernel affecting the RISC-V architecture. The issue was disclosed on June 24, 2024, and involves a potential corruption of pt_regs (processor status registers) for secondary idle threads. The vulnerability affects multiple versions of the Linux kernel, including versions up to 5.7 and versions from 6.1 up to 6.1.93, 6.6 up to 6.6.33, and 6.9 up to 6.9.4 (NVD).

The vulnerability stems from an improper handling of kernel thread stacks in the RISC-V architecture implementation. The top of the kernel thread stack should be reserved for ptregs, but this was not properly implemented for idle threads of secondary boot harts, causing their stacks to overlap with their ptregs. This issue was particularly noticeable during CPU hotplug tests with V enabled, where the smpcallin function stored several registers on stack, corrupting the top of ptregs structure including the status field. The CVSS v3.1 base score for this vulnerability is 7.8 (High), with a vector string of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

When exploited, this vulnerability can lead to corruption of processor status registers, potentially causing the kernel to attempt to save or restore non-existent V context. This could result in system instability and potential security implications due to corrupted processor state management (Kernel Patch).

The issue has been fixed in various Linux kernel versions through patches that properly handle pt_regs allocation for secondary idle threads. Ubuntu has released updates for affected versions, including fixes in kernel versions 5.15.0-127.137 for Ubuntu 22.04 LTS and 6.8.0-44.44 for Ubuntu 24.04 LTS (Ubuntu Security).