CVE-2024-56628: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56628 affects the Linux kernel's LoongArch architecture implementation. The vulnerability was discovered when executing mm selftests run_vmtests.sh, where invalid huge pte entry handling was found to be incorrect. The issue was disclosed on December 27, 2024, and affects the LoongArch system's memory management functionality (Kernel Git).

The vulnerability stems from incorrect handling of invalid huge pte entries in the LoongArch architecture. On LoongArch systems, invalid huge pte entries should be either invalidptetable or contain a single PAGEHUGE bit rather than a zero value. The issue manifests when pmdnone() is called by the freepgdrange() function, where pmdnone() returns 0 through hugepteclear(). This causes single PAGEHUGE bit to be treated as a valid pte table, triggering freepterange() calls in freepmdrange() (Kernel Git).

The vulnerability can lead to memory management issues, specifically causing a 'Bad page state' error and incorrect handling of page table entries. This manifests as a system bug with error messages indicating invalid page states and non-zero pgtables_bytes when freeing mm memory (Kernel Git).

The issue has been fixed by implementing an architecture-specific hugepteclear() function for LoongArch. The fix ensures that invalidptetable is used for both invalid huge pte entry and pmd entry handling. The patch has been included in various Linux kernel versions and is available through distribution updates (Debian LTS).