CVE-2025-68298

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf() NULL deref

In btusbmtksetup(), we set btmtk_data->isopkt_intf to: usbifnumtoif(data->udev, MTKISO_IFNUM)

That function can return NULL in some cases. Even when it returns NULL, though, we still go on to call btusbmtkclaimisointf().

As of commit e9087e828827 ("Bluetooth: btusb: mediatek: Add locks for usbdriverclaiminterface()"), calling btusbmtkclaimisointf() when btmtk_data->isopkt_intf is NULL will cause a crash because we'll end up passing a bad pointer to devicelock(). Prior to that commit we'd pass the NULL pointer directly to usbdriverclaim_interface() which would detect it and return an error, which was handled.

Resolve the crash in btusbmtkclaimisointf() by adding a NULL check at the start of the function. This makes the code handle a NULL btmtk_data->isopkt_intf the same way it did before the problematic commit (just with a slight change to the error message printed).