hi,
On Fri, Apr 19, 2024 at 05:37:41PM +0200, Jeremy Lainé wrote:
> Package: src:linux
> Version: 6.1.85-1
> Severity: important
> X-Debbugs-Cc: jeremy.laine@m4x.org
>
> Dear Maintainer,
>
> After upgrading from linux-image-6.1.0-18-amd64 to
> linux-image-6.1.0-20-amd64, bluetooth no longer works and a kernel BUG is
> visible in dmesg hinting at a memory safety issue.
>
> It is not necessary to attempt to connect to any specific bluetooth
> device to trigger the problem, the problem arises as soon as the system
> boots.
>
> I cannot reproduce the problem when booting back into the previous kernel
> image.
Upstream responded in
https://lore.kernel.org/linux-bluetooth/CABBYNZKQAJGzA8th8A7Foiy7YaSFZDpLvLZqDFsVJ3Yzn8C_5g@mail.gmail.com/
and it looks like this issue should be fixed by two commits (which do not
apply cleanly to 6.1.y though), namely:
- 5af1f84ed13a ("Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync")
in 6.6-rc1 (and backported to 6.5.3 and 6.4.16).
- a239110ee8e0 ("Bluetooth: hci_sync: always check if connection is
alive before deleting") in 6.6-rc7 (and backported to 6.5.9).
As said, they do not apply cleanly.
Would you be able to confirm that the packages in stable-backports or
testing/unstable no longer expose the issue?
I asked upstream if they can provide backports for the 6.1.y series as
well.
Regards,
Salvatore