CVE-2024-58238: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability has been identified in the Linux kernel's Bluetooth btnxpuart driver (CVE-2024-58238). The issue involves a TX timeout error that occurs during power save stress testing, specifically when the interval between two HCI commands coincides with the power save timeout value of 2 seconds (NVD).

The vulnerability manifests when the power save mechanism turns on UART break and btnxpuarttxwork() is scheduled simultaneously. In this scenario, psdata->psstate is read as PSSTATE_AWAKE, which prevents the psdata->work from being scheduled - the component responsible for turning OFF UART break. The issue was discovered during stress testing where the interval between HCI commands matched the 2-second power save timeout value (NVD).

When exploited, this vulnerability results in TX timeout errors in the Bluetooth btnxpuart driver, potentially affecting Bluetooth connectivity and power management functionality in affected Linux systems (NVD).

The issue has been fixed by implementing a pslock mutex around UART break on/off operations as well as around psstate read/write operations. The fix ensures that btnxpuarttxwakeup() reads the updated psstate value correctly. When psstate is PSSTATESLEEP, it first schedules psdata->work, then reschedules itself after UART break has been turned off and psstate is PSSTATE_AWAKE. Testing confirmed the fix's effectiveness over 50,000 iterations with no observed TX timeout errors (NVD).