Fixed
Created: Aug 17, 2025
Updated: Sep 1, 2025
Resolved Date: Aug 17, 2025
Found In Version: 10.25.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]HID: nintendo: avoid bluetooth suspend/resume stalls[EOL][EOL]Ensure we don't stall or panic the kernel when using bluetooth-connected[EOL]controllers. This was reported as an issue on android devices using[EOL]kernel 6.6 due to the resume hook which had been added for usb joycons.[EOL][EOL]First, set a new state value to JOYCON_CTLR_STATE_SUSPENDED in a[EOL]newly-added nintendo_hid_suspend. This makes sure we will not stall out[EOL]the kernel waiting for input reports during led classdev suspend. The[EOL]stalls could happen if connectivity is unreliable or lost to the[EOL]controller prior to suspend.[EOL][EOL]Second, since we lose connectivity during suspend, do not try[EOL]joycon_init() for bluetooth controllers in the nintendo_hid_resume path.[EOL][EOL]Tested via multiple suspend/resume flows when using the controller both[EOL]in USB and bluetooth modes.
CREATE(Triage):(User=pbi-cn) [CVE-2025-38507 (https://nvd.nist.gov/vuln/detail/CVE-2025-38507)
