Assigner | Linux |
Reserved | 2024-02-25 |
Published | 2024-02-25 |
Updated | 2024-07-05 |
Description
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unconditional NULL-pointer dereference on every disconnect instead. Specifically, the serial device table must no longer be accessed after the minor has been released by hso_serial_tty_unregister().
Product status
a462067d7c8e before 5871761c5f0f
145c89c441d2 before 0c71d4c89559
caf5ac93b3b5 before 24b699bea755
92028d7a31e5 before 5c17cfe155d2
4a2933c88399 before d7fad2ce15bd
dc195928d7e4 before 90642ee9eb58
388d05f70f1e before 0f000005da31
8a12f8836145 before 41c44e1f3112
8a12f8836145 before 2ad5692db728
5.12
Any version before 5.12
4.19.189
5.4.115
5.10.33
5.11.17
5.12.1
5.13
References
https://git.kernel.org/stable/c/5871761c5f0f20d6e98bf3b6bd7486d857589554
https://git.kernel.org/stable/c/0c71d4c89559f72cec2592d078681a843bce570e
https://git.kernel.org/stable/c/24b699bea7553fc0b98dad9d864befb6005ac7f1
https://git.kernel.org/stable/c/5c17cfe155d21954b4c7e2a78fa771cebcd86725
https://git.kernel.org/stable/c/d7fad2ce15bdbbd0fec3ebe999fd7cab2267f53e
https://git.kernel.org/stable/c/90642ee9eb581a13569b1c0bd57e85d962215273
https://git.kernel.org/stable/c/0f000005da31f6947f843ce6b3e3a960540c6e00
https://git.kernel.org/stable/c/41c44e1f3112d7265dae522c026399b2a42d19ef
https://git.kernel.org/stable/c/2ad5692db72874f02b9ad551d26345437ea4f7f3