CVE-2024-53238: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-53238 affects the Linux kernel's Bluetooth subsystem, specifically the MediaTek Bluetooth USB driver (btmtk). The vulnerability was discovered and disclosed in December 2024, involving an initialization timing issue in the ISO data anchor that could lead to a NULL pointer crash during USB disconnect operations. The issue affects Linux kernel versions from 6.11 up to (excluding) 6.11.11 and versions from 6.12 up to (excluding) 6.12.2 (NVD).

The vulnerability stems from improper initialization timing of the MediaTek ISO data anchor. The issue occurs when there is an unexpected Bluetooth USB disconnect during the setup flow, causing a NULL pointer crash when releasing the ISO anchor since it hasn't been properly initialized. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause a NULL pointer dereference in the kernel, leading to a system crash (denial of service). The issue specifically manifests during the USB disconnect process, affecting system stability and potentially interrupting Bluetooth operations (NVD).

The vulnerability has been patched by adjusting the position of the ISO data anchor initialization to where MediaTek claims the ISO data interface. The fix involves moving the initusbanchor() call from btmtkusbisointfinit() to btusbmtkclaimiso_intf(). Users should update to Linux kernel versions 6.11.11 or 6.12.2 or later to receive the fix (Kernel Patch).

The vulnerability has been acknowledged and addressed by the Linux kernel community, with patches being backported to affected stable kernel versions. Ubuntu has included fixes for this vulnerability in their security updates, indicating its importance for system stability (Ubuntu Notice).