In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btnxpuart: Fix btnxpuart_close
Fix scheduling while atomic BUG in btnxpuart_close(), properly purge the transmit queue and free the receive skb.
[ 10.973809] BUG: scheduling while atomic: kworker/u9:0/80/0x00000002 ... [ 10.980740] CPU: 3 PID: 80 Comm: kworker/u9:0 Not tainted 6.8.0-rc7-0.0.0-devel-00005-g61fdfceacf09 #1 [ 10.980751] Hardware name: Toradex Verdin AM62 WB on Dahlia Board (DT) [ 10.980760] Workqueue: hci0 hcipoweroff [bluetooth] [ 10.981169] Call trace: ... [ 10.981363] uartupdatemctrl+0x58/0x78 [ 10.981373] uartdtrrts+0x104/0x114 [ 10.981381] ttyportshutdown+0xd4/0xdc [ 10.981396] ttyportclose+0x40/0xbc [ 10.981407] uartclose+0x34/0x9c [ 10.981414] ttyportclose+0x50/0x94 [ 10.981430] serdevdeviceclose+0x40/0x50 [ 10.981442] btnxpuartclose+0x24/0x98 [btnxpuart] [ 10.981469] hcidevclosesync+0x2d8/0x718 [bluetooth] [ 10.981728] hcidevdoclose+0x2c/0x70 [bluetooth] [ 10.981862] hcipower_off+0x20/0x64 [bluetooth]
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "117664402757238887516442083393045586607", "328449518638716877842275720420767107934", "323654124434007270006628248751712260341", "303487160405238344234401364463678746335" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664130c0b0309b360bc5bdd40a30604a9387bde8", "target": { "file": "drivers/bluetooth/btnxpuart.c" }, "id": "CVE-2024-26959-14adbe4e", "signature_type": "Line" }, { "digest": { "length": 194.0, "function_hash": "28309390120124833743713011838144878463" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664130c0b0309b360bc5bdd40a30604a9387bde8", "target": { "file": "drivers/bluetooth/btnxpuart.c", "function": "btnxpuart_close" }, "id": "CVE-2024-26959-2ccc5631", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "117664402757238887516442083393045586607", "328449518638716877842275720420767107934", "323654124434007270006628248751712260341", "303487160405238344234401364463678746335" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@586e099c93fe26b7bd40593979532f507ed9f6a4", "target": { "file": "drivers/bluetooth/btnxpuart.c" }, "id": "CVE-2024-26959-608891fe", "signature_type": "Line" }, { "digest": { "length": 194.0, "function_hash": "28309390120124833743713011838144878463" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4e2365b07f1ae1f811a915b514caef5b2d6581e", "target": { "file": "drivers/bluetooth/btnxpuart.c", "function": "btnxpuart_close" }, "id": "CVE-2024-26959-7df581a2", "signature_type": "Function" }, { "digest": { "length": 194.0, "function_hash": "28309390120124833743713011838144878463" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@586e099c93fe26b7bd40593979532f507ed9f6a4", "target": { "file": "drivers/bluetooth/btnxpuart.c", "function": "btnxpuart_close" }, "id": "CVE-2024-26959-ac4ea780", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "117664402757238887516442083393045586607", "328449518638716877842275720420767107934", "323654124434007270006628248751712260341", "303487160405238344234401364463678746335" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4e2365b07f1ae1f811a915b514caef5b2d6581e", "target": { "file": "drivers/bluetooth/btnxpuart.c" }, "id": "CVE-2024-26959-efd461e8", "signature_type": "Line" } ] }