CVE-2024-46689

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the mapping of shared memory in the Linux kernel, specifically in the soc: qcom: cmd-db component. The problem arises when the XPU falsely detects clean cache eviction as a "write" into the write-protected region, leading to a secure interrupt and an endless loop in the Trust Zone. This occurs because the Qualcomm Hypervisor maps the region as Non-Cacheable memory in Stage 2 translation tables, but other hypervisors like Xen or KVM do not know about these specific mappings. The patch fixes the issue by updating the mapping of cmd-db memory from MEMREMAP WB to MEMREMAP WT/WC, removing the dependency on correct mappings in Stage 2 tables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.