CVE-2024-26959

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26959
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26959.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26959
Downstream
Published
2024-05-01T05:19:08Z
Modified
2025-10-15T09:59:05.073372Z
Summary
Bluetooth: btnxpuart: Fix btnxpuart_close
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btnxpuart: Fix btnxpuart_close

Fix scheduling while atomic BUG in btnxpuart_close(), properly purge the transmit queue and free the receive skb.

[ 10.973809] BUG: scheduling while atomic: kworker/u9:0/80/0x00000002 ... [ 10.980740] CPU: 3 PID: 80 Comm: kworker/u9:0 Not tainted 6.8.0-rc7-0.0.0-devel-00005-g61fdfceacf09 #1 [ 10.980751] Hardware name: Toradex Verdin AM62 WB on Dahlia Board (DT) [ 10.980760] Workqueue: hci0 hcipoweroff [bluetooth] [ 10.981169] Call trace: ... [ 10.981363] uartupdatemctrl+0x58/0x78 [ 10.981373] uartdtrrts+0x104/0x114 [ 10.981381] ttyportshutdown+0xd4/0xdc [ 10.981396] ttyportclose+0x40/0xbc [ 10.981407] uartclose+0x34/0x9c [ 10.981414] ttyportclose+0x50/0x94 [ 10.981430] serdevdeviceclose+0x40/0x50 [ 10.981442] btnxpuartclose+0x24/0x98 [btnxpuart] [ 10.981469] hcidevclosesync+0x2d8/0x718 [bluetooth] [ 10.981728] hcidevdoclose+0x2c/0x70 [bluetooth] [ 10.981862] hcipower_off+0x20/0x64 [bluetooth]

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
689ca16e523278470c38832a3010645a78c544d8
Fixed
d4e2365b07f1ae1f811a915b514caef5b2d6581e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
689ca16e523278470c38832a3010645a78c544d8
Fixed
586e099c93fe26b7bd40593979532f507ed9f6a4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
689ca16e523278470c38832a3010645a78c544d8
Fixed
74bcf708775c405f7fb6ed776ccd3e1957f38a52
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
689ca16e523278470c38832a3010645a78c544d8
Fixed
664130c0b0309b360bc5bdd40a30604a9387bde8

Affected versions

v6.*

v6.3
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.11
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "117664402757238887516442083393045586607",
                    "328449518638716877842275720420767107934",
                    "323654124434007270006628248751712260341",
                    "303487160405238344234401364463678746335"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664130c0b0309b360bc5bdd40a30604a9387bde8",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c"
            },
            "id": "CVE-2024-26959-14adbe4e",
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 194.0,
                "function_hash": "28309390120124833743713011838144878463"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664130c0b0309b360bc5bdd40a30604a9387bde8",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c",
                "function": "btnxpuart_close"
            },
            "id": "CVE-2024-26959-2ccc5631",
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "117664402757238887516442083393045586607",
                    "328449518638716877842275720420767107934",
                    "323654124434007270006628248751712260341",
                    "303487160405238344234401364463678746335"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@586e099c93fe26b7bd40593979532f507ed9f6a4",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c"
            },
            "id": "CVE-2024-26959-608891fe",
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 194.0,
                "function_hash": "28309390120124833743713011838144878463"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4e2365b07f1ae1f811a915b514caef5b2d6581e",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c",
                "function": "btnxpuart_close"
            },
            "id": "CVE-2024-26959-7df581a2",
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 194.0,
                "function_hash": "28309390120124833743713011838144878463"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@586e099c93fe26b7bd40593979532f507ed9f6a4",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c",
                "function": "btnxpuart_close"
            },
            "id": "CVE-2024-26959-ac4ea780",
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "117664402757238887516442083393045586607",
                    "328449518638716877842275720420767107934",
                    "323654124434007270006628248751712260341",
                    "303487160405238344234401364463678746335"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4e2365b07f1ae1f811a915b514caef5b2d6581e",
            "target": {
                "file": "drivers/bluetooth/btnxpuart.c"
            },
            "id": "CVE-2024-26959-efd461e8",
            "signature_type": "Line"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.6.24
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.12
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.3