Linux Kernel Remoteproc Qcom PAS Lite ADSP DTB Shutdown Vulnerability

A vulnerability exists in the Linux kernel's handling of the ADSP firmware on the X1E platform, specifically within the remoteproc subsystem for Qualcomm processors. The issue arises because the 'lite' firmware for the Digital Signal Processor (DSP) is not properly managed. While the main 'lite' firmware is shut down before loading new firmware, the corresponding 'lite' firmware for the Device Tree Blob (DTB) is left running indefinitely. This oversight can lead to system crashes when the memory region used by the 'lite' DTB firmware is accessed, as it is not properly synchronized with the main firmware. Although the current memory management does not support reusing these regions, the lingering 'lite' DTB firmware should not be allowed to run indefinitely.

Impact

Failure to properly shut down the 'lite' ADSP DTB firmware can cause system crashes when the associated memory region is accessed, disrupting normal operations and potentially leading to broader system instability.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the necessary fix.