CVE-2024-26959: Bluetooth: btnxpuart: Fix btnxpuart_close

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btnxpuart: Fix btnxpuart_close

Fix scheduling while atomic BUG in btnxpuart_close(), properly
purge the transmit queue and free the receive skb.

[ 10.973809] BUG: scheduling while atomic: kworker/u9:0/80/0x00000002
...
[ 10.980740] CPU: 3 PID: 80 Comm: kworker/u9:0 Not tainted 6.8.0-rc7-0.0.0-devel-00005-g61fdfceacf09 #1
[ 10.980751] Hardware name: Toradex Verdin AM62 WB on Dahlia Board (DT)
[ 10.980760] Workqueue: hci0 hci_power_off [bluetooth]
[ 10.981169] Call trace:
...
[ 10.981363] uart_update_mctrl+0x58/0x78
[ 10.981373] uart_dtr_rts+0x104/0x114
[ 10.981381] tty_port_shutdown+0xd4/0xdc
[ 10.981396] tty_port_close+0x40/0xbc
[ 10.981407] uart_close+0x34/0x9c
[ 10.981414] ttyport_close+0x50/0x94
[ 10.981430] serdev_device_close+0x40/0x50
[ 10.981442] btnxpuart_close+0x24/0x98 [btnxpuart]
[ 10.981469] hci_dev_close_sync+0x2d8/0x718 [bluetooth]
[ 10.981728] hci_dev_do_close+0x2c/0x70 [bluetooth]
[ 10.981862] hci_power_off+0x20/0x64 [bluetooth]

Classification

CVE ID: CVE-2024-26959

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/d4e2365b07f1ae1f811a915b514caef5b2d6581e
https://git.kernel.org/stable/c/586e099c93fe26b7bd40593979532f507ed9f6a4
https://git.kernel.org/stable/c/74bcf708775c405f7fb6ed776ccd3e1957f38a52
https://git.kernel.org/stable/c/664130c0b0309b360bc5bdd40a30604a9387bde8

Timeline

2024-12-20 00:35:08 UTC
CVE

Bluetooth: btnxpuart: Fix btnxpuart_close