CVE-2024-42137
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 30/07/2024
Last modified: 16/09/2024
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot

Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver shutdown on closed
serdev") will cause below regression issue:

BT can't be enabled after below steps:
cold boot -> enable BT -> disable BT -> warm reboot -> BT enable failure
if property enable-gpios is not configured within DT|ACPI for QCA6390.

The commit is to fix a use-after-free issue within qca_serdev_shutdown()
by adding condition to avoid the serdev is flushed or written after closed
but also introduces this regression issue regarding above steps since the
VSC is not sent to reset controller during warm reboot.

Fixed by sending the VSC to reset controller within qca_serdev_shutdown()
once BT was ever enabled, and the use-after-free issue is also fixed by
this change since the serdev is still opened before it is flushed or written.

Verified by the reported machine Dell XPS 13 9310 laptop over below two
kernel commits:
commit e00fc2700a3f ("Bluetooth: btusb: Fix triggering coredump
implementation for QCA") of bluetooth-next tree.
commit b23d98d46d28 ("Bluetooth: btusb: Fix triggering coredump
implementation for QCA") of linus mainline tree.
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.165 (including) | 5.10.222 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15.90 (including) | 5.15.163 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.1.8 (including) | 6.1.98 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.39 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.9.9 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:* | | |
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:* | | |
cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:* | | |
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:* | | |
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:* | | |
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/215a26c2404fa34625c725d446967fa328a703eb
- https://git.kernel.org/stable/c/4ca6013cd18e58ac1044908c40d4006a92093a11
- https://git.kernel.org/stable/c/88e72239ead9814b886db54fc4ee39ef3c2b8f26
- https://git.kernel.org/stable/c/977b9dc65e14fb80de4763d949c7dec2ecb15b9b
- https://git.kernel.org/stable/c/e2d8aa4c763593704ac21e7591aed4f13e32f3b5
- https://git.kernel.org/stable/c/e6e200b264271f62a3fadb51ada9423015ece37b