In the Linux kernel, the following vulnerability has been...
Moderate severity
Unreviewed
Published
Feb 26, 2024
to the GitHub Advisory Database
•
Updated Apr 27, 2024
Description
Published by the National Vulnerability Database
Feb 26, 2024
Published to the GitHub Advisory Database
Feb 26, 2024
Last updated
Apr 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: hso: fix NULL-deref on disconnect regression
Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device
unregistration") fixed the racy minor allocation reported by syzbot, but
introduced an unconditional NULL-pointer dereference on every disconnect
instead.
Specifically, the serial device table must no longer be accessed after
the minor has been released by hso_serial_tty_unregister().
References