Linux Kernel Bluetooth HCI Workqueue Drainage Issue Causes Command Transmission Timeout

Vulnerability

A vulnerability in the Linux kernel's Bluetooth implementation has been addressed. The HCI workqueue was drained to prevent a deadlock, and a drained workqueue allows only queue-chained work to proceed. After the workqueue was drained, another delayed work item queued commands to it, and the result was reported as a Bluetooth command transmission timeout: commands were not processed in a timely manner.

Impact

The vulnerability caused Bluetooth command transmission timeouts, disrupting normal Bluetooth communication by delaying or preventing the processing of commands.

Remediation

The vulnerability has been fixed in the Linux kernel by adding a new HCI_DRAIN_WQ flag to prevent queuing timeout work while the command workqueue is being drained. Users should upgrade to the latest version of the Linux kernel where this fix is applied.
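
The remediation described above, as a simplified userspace model in C. This is an added example, not kernel code and not the actual patch. Every name except HCI_DRAIN_WQ is hypothetical, and the model assumes the timeout work queues command work from outside the drained queue.

```c
#include <stdbool.h>

/* Userspace model; every name except HCI_DRAIN_WQ is hypothetical. */
#define HCI_DRAIN_WQ (1u << 0)

struct toy_hdev {
    unsigned flags;
    bool draining;       /* command workqueue is being drained */
    bool timeout_armed;  /* delayed timeout work is pending */
    int queued;          /* work items the queue accepted */
    int rejected;        /* work items dropped by the drained queue */
};

/* A draining queue accepts only work chained from its own work items. */
static void toy_queue_work(struct toy_hdev *h, bool chained)
{
    if (h->draining && !chained)
        h->rejected++;   /* dropped: the failure case the page describes */
    else
        h->queued++;
}

/* Arm the command timeout; the patched path skips it during a drain. */
static void toy_arm_timeout(struct toy_hdev *h, bool patched)
{
    h->timeout_armed = !(patched && (h->flags & HCI_DRAIN_WQ));
}

/* The delayed work fires and queues command work from outside the queue. */
static void toy_timeout_fires(struct toy_hdev *h)
{
    if (h->timeout_armed)
        toy_queue_work(h, false);
    h->timeout_armed = false;
}

/* One drain with a timeout armed at its start; returns rejected items. */
int toy_drain_race(bool patched)
{
    struct toy_hdev h = {0};

    h.flags |= HCI_DRAIN_WQ;      /* set before the drain begins */
    toy_arm_timeout(&h, patched);
    h.draining = true;
    toy_timeout_fires(&h);        /* fires while the queue is draining */
    h.draining = false;
    h.flags &= ~HCI_DRAIN_WQ;
    return h.rejected;
}
```

Without the flag check, one work item reaches the drained queue and is dropped. With the check, the timeout work is never armed during the drain, so nothing is queued to the drained queue.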

Added: Jun 18, 2025, 3:06 PM
Updated: Jun 18, 2025, 3:06 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.