Bluetooth is borked: Can't init device hci0: Invalid argument (22)

fireye.coffee · May 17, 2026, 8:47am

Which Linux distro are you using?

nixos-unstable

Which release version?

Updated yesterday, reverted flake.lock to pre-update, still borked.

Which kernel are you using?

7.0.8

Which BIOS version are you using?

0.0.3.6, I ran an update from 3.5 to 3.6 after noticing this problem but before reverting my flake.lock.

Which Framework Laptop 16 model are you using? (AMD Ryzen™ 7040 Series)

Ryzen 300

I’ve been following this guide from the knowledge-base: Ubuntu Bluetooth Troubleshooting Guide

Running sudo hciconfig hci0 up results in the following error:

Can’t init device hci0: Invalid argument (22)

From what I can tell this might be a kernel issue of some sort? Any information or assistance here would be greatly appreciated.

James3 · May 17, 2026, 11:03am

Try an older kernel, say 7.0.6 or before to see if that helps.
If it helps, at least one then knows it it a kernel bug.

spectre_3000 · May 17, 2026, 1:55pm

It is a kernel bug try using 6.6 or stable branch with 7.0.3 or 7.0.6 it works i tried it out.

You can make this change in your config while waiting for the patch to come out:

let
  linux_7_0_6 = pkgs.linux_7_0.override {
    argsOverride = rec {
      version = "7.0.6";
      modDirVersion = version;
      src = pkgs.fetchurl {
        url = "mirror://kernel/linux/kernel/v7.x/linux-${version}.tar.xz";
        hash = "sha256-y6REQKpXr/18ISQdxbwjSw31PEmfj/w+vCkN0zkKdSM=";
      };
    };
  };
in
{boot.kernelPackages = pkgs.linuxPackagesFor linux_7_0_6;
# rest of the conf
# also don't forget to comment your current kernel
}

and when the patch comes out just comment this out and try the new kernel to see if it works

James3 · May 17, 2026, 3:53pm

A lot of security bug fixes went into 7.0.7 related to bluetooth. So my guess it is accidentally broke something.
A patch is here:

It works for me. It is not great bug fix, as it just opens the security hole again.
Essentially, the mediatek bluetooth firmware is buggy.

diff --git a/drivers/bluetooth/btmtk.c b/drivers/bluetooth/btmtk.c
index 31ff133b6159..6a9020b2b249 100644
--- a/drivers/bluetooth/btmtk.c
+++ b/drivers/bluetooth/btmtk.c
@@ -678,8 +678,10 @@ static int btmtk_usb_hci_wmt_sync(struct hci_dev *hdev,
        case BTMTK_WMT_FUNC_CTRL:
                if (!skb_pull_data(data->evt_skb,
                                   sizeof(wmt_evt_funcc->status))) {
-                       err = -EINVAL;
-                       goto err_free_skb;
+                       //err = -EINVAL;
+                       //goto err_free_skb;
+                       status = BTMTK_WMT_ON_UNDONE;
+                       break;
                }
 
                wmt_evt_funcc = (struct btmtk_hci_wmt_evt_funcc *)wmt_evt;

fireye.coffee · May 17, 2026, 6:13pm

Thanks for the derivation, works like a charm!

dimitris · May 17, 2026, 6:45pm

The patch (seems to be originally from this linux-bluetooth thread) seems to be maintaining the security aspect of original security-but-buggy-device-firmware-breaking fix.

Am I interpreting this right - keeping the delegation of reading the data to skb_pull_data, instead of the old naive pointer cast, keeps the OOB read from happening despite the new return logic?

Topic		Replies	Views
Bluetooth Stopped Working After Kernel 7.0.7 Update Linux arch	14	932	May 23, 2026
Bluetooth won't Enable after Kernel Update Linux fedora	3	204	May 17, 2026
[RESPONDED] Direct firmware load failed for Bluetooth on default M.2 Mediatek Wifi card Linux	18	5245	March 12, 2024
Bluetooth device not enumerated on Framework Laptop 13 after kernel update Community Support other-issues , amd-ai-300	0	111	February 3, 2026
Bluetooth support is gone after Fedora Update Linux fedora	18	2508	April 4, 2026

Bluetooth is borked: Can't init device hci0: Invalid argument (22)

Related topics