Linux Kernel Bluetooth HID Nintendo Controller Suspend/Resume Stall Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of Bluetooth-connected Nintendo controllers can lead to kernel stalls or panics. The issue, observed on Android devices with kernel 6.6, arises from a resume hook that was added for USB Joy-Con controllers. During LED class device suspend the kernel waits for input reports from the controller, and it can stall if the controller loses connectivity before the suspend process. The fix introduces a new suspend function that sets the controller's state to 'suspended', which prevents the kernel from stalling. The resume function has also been modified so that it does not reinitialize the Joy-Con for Bluetooth controllers, because connectivity is lost during the suspend phase.
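
The fix described above, as a simplified user-space C model added here (not the kernel driver's code): it counts the simulated time a suspend spends waiting for input reports with and without the state check, and models the Bluetooth resume path. All names, the 250 ms timeout, the retry count and the assumption that the state is set before the LED writes are issued belong to the model, not to the page or the kernel.

```c
#include <errno.h>
#include <stdbool.h>

/* User-space model of the advisory's description. Every name, timeout and
 * retry count here is hypothetical; this is not the kernel driver's code. */
enum ctlr_state { CTLR_ACTIVE, CTLR_SUSPENDED };
enum transport { TRANSPORT_USB, TRANSPORT_BT };

struct ctlr {
    enum ctlr_state state;
    enum transport bus;
    bool link_up;        /* false once the Bluetooth link has dropped */
    unsigned waited_ms;  /* simulated time spent blocked on input reports */
};

#define REPORT_TIMEOUT_MS 250u /* constructed value */
#define MAX_RETRIES 4          /* constructed value */

/* Send one command and wait for the reply, which arrives as an input report. */
static int send_sync(struct ctlr *c, bool fixed)
{
    if (fixed && c->state == CTLR_SUSPENDED)
        return -ENODEV;                    /* fixed path: never start waiting */
    for (int i = 0; i < MAX_RETRIES; i++) {
        if (c->link_up)
            return 0;                      /* reply received */
        c->waited_ms += REPORT_TIMEOUT_MS; /* no reply: full timeout elapses */
    }
    return -ETIMEDOUT;
}

/* System suspend: LED class device suspend writes each LED off. The model
 * assumes the new suspend hook has marked the state before those writes. */
unsigned suspend_wait_ms(bool fixed, int num_leds)
{
    struct ctlr c = { CTLR_ACTIVE, TRANSPORT_BT, false, 0 };
    if (fixed)
        c.state = CTLR_SUSPENDED;          /* what the new suspend hook does */
    for (int i = 0; i < num_leds; i++)
        send_sync(&c, fixed);
    return c.waited_ms;
}

/* Resume: the fixed path skips re-initialisation for Bluetooth controllers,
 * whose link is gone; USB controllers are still initialised. */
int resume(struct ctlr *c, bool fixed)
{
    if (fixed && c->bus == TRANSPORT_BT)
        return 0;
    c->state = CTLR_ACTIVE;
    return send_sync(c, fixed);
}
```

In the model, the unguarded path accumulates one full timeout per retry per LED write, while the guarded path returns immediately with `-ENODEV`.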

Impact

The vulnerability could cause the kernel to stall or panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by using a Bluetooth-connected Nintendo controller, such as a Joy-Con, with a device running Linux kernel 6.6. The issue manifests when the controller is suspended, causing a stall as the kernel waits for input reports. This problem can be observed if the controller loses connectivity before the suspend process is completed.

Remediation

The vulnerability has been fixed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the patch.

Added: Aug 16, 2025, 11:31 AM
Updated: Aug 16, 2025, 11:31 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.