Linux · Linux Kernel · CVE-2024-46689
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the mapping of shared memory in the Linux kernel, specifically in the soc: qcom: cmd-db component. The problem arises when the XPU falsely detects clean cache eviction as a "write" into the write-protected region, leading to a secure interrupt and an endless loop in the Trust Zone. This occurs because the Qualcomm Hypervisor maps the region as Non-Cacheable memory in Stage 2 translation tables, but other hypervisors like Xen or KVM do not know about these specific mappings. The patch fixes the issue by updating the mapping of cmd-db memory from MEMREMAP WB to MEMREMAP WT/WC, removing the dependency on correct mappings in Stage 2 tables.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.