Linux Kernel Bluetooth Firmware Release-Related Kernel Panic Vulnerability

A vulnerability in the Linux kernel's Bluetooth subsystem, specifically within the btnxpuart driver, has been addressed. This issue caused a kernel panic during firmware release in a stress test scenario where both WLAN and Bluetooth firmware downloads occurred simultaneously. Due to a hardware bug, the chip transmitted only one bootloader signature. When the driver received this signature, it initiated the firmware download process. However, because no subsequent signatures were received, the firmware file was not requested. After a 60-second timeout, the release_firmware function triggered a kernel panic, leading to a system crash.

Impact

Exploitation of this vulnerability caused a kernel panic, disrupting system operations and potentially leading to a denial of service.