CVE-2024-58238

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: This issue resolves a timeout error occurring in the Bluetooth btnxpuart driver during power save stress testing. The problem arises when the power save mechanism activates UART break concurrently with the scheduling of btnxpuart tx work(). This leads to an incorrect reading of the power state (ps state), preventing the necessary work from being scheduled to disable the UART break. The fix involves implementing a ps lock mutex to synchronize access to UART break control and the ps state variable, ensuring accurate state management and preventing the timeout error.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2025-09671

CVE-2024-58238

ECHO-D099-CC2A-A938

SUSE-SU-2025:03272-1

SUSE-SU-2025:03290-1

SUSE-SU-2025:03301-1

SUSE-SU-2025:03382-1

SUSE-SU-2025:03602-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20653-1

SUSE-SU-2025:20669-1

SUSE-SU-2025:20739-1

SUSE-SU-2025:20756-1

SUSE-SU-2025_03272-1

SUSE-SU-2025_03290-1

SUSE-SU-2025_03301-1

SUSE-SU-2025_03382-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

CVE-2024-58238

Weakness Enumeration

Related Identifiers

Affected Products

References · 1047