Linux · Linux Kernel · CVE-2024-49951
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.58
Description:
A vulnerability in the Linux kernel's Bluetooth management (MGMT) component could lead to crashes when `mgmt_index_removed` is called while commands are queued on `cmd_sync`. This issue is related to the handling of `mgmt_index_removed`, which attempts to dequeue commands passed as `user_data` to `cmd_sync`. The crash can occur due to the removal of pending commands, as seen in the stack trace involving `__list_del_entry_valid_or_report`, `mgmt_pending_remove`, `mgmt_remove_adv_monitor_complete`, and `hci_cmd_sync_work`.
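A simplified userspace model of the failure described above, added here as an illustration and not taken from the kernel source or its fix. It assumes the pending command is unlinked once during index removal and again by the queued sync completion whose `user_data` still points at it; `simulate`, `index_removed`, `run_sync_work`, `list_del_checked` and the structs are hypothetical names.

```c
#include <stdio.h>
/* Constructed userspace model; struct and function names are illustrative. */
struct node { struct node *prev, *next; };
#define POISON ((struct node *)0x100)
struct pending_cmd { struct node link; };
struct sync_entry { void *user_data; int queued; };

/* Checked unlink: returns 0 if the entry was already unlinked (poisoned). */
static int list_del_checked(struct node *n) {
    if (n->next == POISON || n->prev == POISON) return 0;
    n->prev->next = n->next; n->next->prev = n->prev;
    n->next = n->prev = POISON;
    return 1;
}

/* Index removal drops the pending command. Only when dequeue is set does it
 * also cancel queued sync entries whose user_data points at that command. */
static void index_removed(struct pending_cmd *cmd, struct sync_entry *q, int n, int dequeue) {
    list_del_checked(&cmd->link);
    for (int i = 0; dequeue && i < n; i++)
        if (q[i].user_data == cmd) q[i].queued = 0;
}

/* Sync worker: each queued entry's completion removes its pending command.
 * Returns how many removals hit an already-unlinked entry. */
static int run_sync_work(struct sync_entry *q, int n) {
    int bad = 0;
    for (int i = 0; i < n; i++) {
        if (!q[i].queued) continue;
        struct pending_cmd *cmd = q[i].user_data;
        if (!list_del_checked(&cmd->link)) bad++;
        q[i].queued = 0;
    }
    return bad;
}

/* One command pending and queued, then index removal, then the worker runs. */
int simulate(int dequeue_on_remove) {
    struct node head;
    struct pending_cmd cmd = { { &head, &head } };
    struct sync_entry q[1] = { { &cmd, 1 } };
    head.prev = head.next = &cmd.link;   /* cmd is the only pending entry */
    index_removed(&cmd, q, 1, dequeue_on_remove);
    return run_sync_work(q, 1);
}

int main(void) {
    printf("stale removals without dequeue: %d, with dequeue: %d\n", simulate(0), simulate(1));
    return 0;
}
```

`simulate(0)` reports one removal of an already-unlinked entry, while `simulate(1)` reports none because the queued entry is dequeued before the worker runs.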
Recommendations:
For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider disabling Bluetooth functionality until the update is applied. Restrict access to the `cmd_sync` and `mgmt_index_removed` functions to minimize the risk of exploitation. Avoid using the `user_data` parameter in the affected Bluetooth management component until the issue is resolved.