CVE-2024-50111: 
CBL Mariner vulnerability analysis and mitigation

CVE-2024-50111 affects the Linux kernel's LoongArch architecture implementation. The vulnerability was discovered when unaligned access exceptions could be triggered in IRQ-enabled contexts, such as user mode. In these cases, doale() may call getuser() which can cause sleep in an invalid context (Kernel Patch). The issue was assigned a CVSS v3.1 base score of 5.5 MEDIUM (NVD).

The vulnerability occurs in the LoongArch architecture's exception handling code. When an unaligned access exception is triggered in an IRQ-enabled context, the doale() function may attempt to call getuser() while interrupts are disabled. This creates an invalid context where a sleeping function is called when it shouldn't be, resulting in a kernel bug warning. The technical manifestation includes a 'BUG: sleeping function called from invalid context' error at arch/loongarch/kernel/access-helper.h:7, with indicators showing irqs_disabled():1 while in a non-atomic context (Kernel Patch).

The vulnerability can lead to system instability when unaligned access exceptions occur in IRQ-enabled contexts. This primarily affects systems running the Linux kernel on LoongArch architecture, potentially causing kernel warnings and system reliability issues (NVD).

The issue has been fixed by enabling IRQ if doale() is triggered in IRQ-enabled context. The patch modifies the kernel to check if interrupts were enabled (using regs->csrprmd & CSRPRMDPIE) and temporarily re-enables them during the exception handling (Kernel Patch).