CVE-2024-46689
soc: qcom: cmd-db: Map shared memory as WC, not WB
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
soc: qcom: cmd-db: Map shared memory as WC, not WB
Linux does not write into cmd-db region. This region of memory is write
protected by XPU. XPU may sometime falsely detect clean cache eviction
as "write" into the write protected region leading to secure interrupt
which causes an endless loop somewhere in Trust Zone.
The only reason it is working right now is because Qualcomm Hypervisor
maps the same region as Non-Cacheable memory in Stage 2 translation
tables. The issue manifests if we want to use another hypervisor (like
Xen or KVM), which does not know anything about those specific mappings.
Changing the mapping of cmd-db memory from MEMREMAP_WB to MEMREMAP_WT/WC
removes dependency on correct mappings in Stage 2 tables. This patch
fixes the issue by updating the mapping to MEMREMAP_WC.
I tested this on SA8155P with Xen.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-09-11 CVE Reserved
- 2024-09-13 CVE Published
- 2024-09-21 EPSS Updated
- 2024-11-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/312416d9171a1460b7ed8d182b5b540c910ce80d | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 5.4.283 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.4.283" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 5.10.225 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.10.225" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 5.15.166 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 5.15.166" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 6.1.108 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.1.108" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 6.6.49 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.6.49" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 6.10.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.10.8" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.18 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.18 < 6.11" | en |
Affected
|