CVE-2024-42137: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-42137 affects the Linux kernel's Bluetooth QCA driver, specifically related to the QCA6390 Bluetooth controller. The vulnerability was discovered when a regression issue was introduced by commit 272970be3dab that caused Bluetooth enable failure after a warm reboot sequence on systems where enable-gpios is not configured within DT|ACPI for QCA6390 (Kernel Patch). The issue was disclosed on July 30, 2024, and received a CVSS v3.1 base score of 5.5 (Medium) (NVD).

The vulnerability stems from a fix attempt for a use-after-free issue in the qcaserdevshutdown() function. The original fix added a condition to prevent serdev from being flushed or written after closure, but this introduced a regression where the Vendor Specific Command (VSC) was not sent to reset the controller during warm reboot. The issue manifests in a specific sequence: cold boot -> enable BT -> disable BT -> warm reboot -> BT enable failure (Kernel Patch).

The vulnerability affects the availability of Bluetooth functionality on systems using the QCA6390 Bluetooth controller. When triggered, it prevents Bluetooth from being enabled after a warm reboot sequence, effectively causing a denial of service for Bluetooth capabilities. This particularly impacts systems where enable-gpios is not configured within DT|ACPI for QCA6390 (NVD).

The issue has been fixed by modifying the qcaserdevshutdown() function to send the VSC to reset the controller when Bluetooth was previously enabled. The fix ensures the serdev remains open before being flushed or written, addressing both the regression and the original use-after-free issue. The fix has been verified on Dell XPS 13 9310 laptop (Kernel Patch).