CVE-2024-46680

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.11

Description The Linux kernel has a vulnerability in the Bluetooth module, specifically in the btnxpuart driver. The issue arises when the driver is removed while the Power Save feature is enabled, causing a kernel crash. This happens because the ps wakeup() call in btnxpuart close() schedules a work item that gets executed after the module is removed. The new ps cleanup() function fixes this by immediately deasserting the UART break, canceling any scheduled work, and destroying the ps lock mutex when the serdev device is closed.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, versions 6.9.11 and later should be used. For versions prior to 6.9.11, consider applying the patch that includes the new ps cleanup() function to mitigate the issue. As a temporary workaround, consider disabling the Power Save feature by default to minimize the risk of exploitation until a patch is available.