CVE-2024-50111

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: The issue is related to the Linux kernel, specifically the LoongArch architecture, where an unaligned access exception can be triggered in an irq-enabled context, such as user mode. This can cause the do ale() function to call get user(), which may lead to a sleep, resulting in a BUG message indicating a sleeping function called from an invalid context. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations: To resolve the issue, update to Linux kernel version 6.6.61 or later. As a temporary workaround, consider disabling the do ale() function until a patch is available. However, this may have unintended consequences and should be approached with caution. At the moment, there is no other information about additional mitigation measures.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-666

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-15245

ALT-PU-2024-17211

ALT-PU-2025-12647

AZL-52486

AZL-52535

BDU:2025-13979

CVE-2024-50111

ECHO-8D74-308A-5CE5

MGASA-2024-0368

MGASA-2024-0369

OESA-2025-1097

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2024-50111

Weakness Enumeration

Related Identifiers

Affected Products

References · 1751