5.5

CVE-2021-46905

net: hso: fix NULL-deref on disconnect regression

In the Linux kernel, the following vulnerability has been resolved:

net: hso: fix NULL-deref on disconnect regression

Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device
unregistration") fixed the racy minor allocation reported by syzbot, but
introduced an unconditional NULL-pointer dereference on every disconnect
instead.

Specifically, the serial device table must no longer be accessed after
the minor has been released by hso_serial_tty_unregister().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.189
LinuxLinux Kernel Version >= 4.20.0 < 5.4.115
LinuxLinux Kernel Version >= 5.5.0 < 5.10.33
LinuxLinux Kernel Version >= 5.11.0 < 5.11.17
LinuxLinux Kernel Version5.12 Update-
LinuxLinux Kernel Version5.12 Updaterc1
LinuxLinux Kernel Version5.12 Updaterc2
LinuxLinux Kernel Version5.12 Updaterc3
LinuxLinux Kernel Version5.12 Updaterc4
LinuxLinux Kernel Version5.12 Updaterc5
LinuxLinux Kernel Version5.12 Updaterc6
LinuxLinux Kernel Version5.12 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.172
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/0c71d4c89559f72cec2592d078681a843bce570e
Patch
https://git.kernel.org/stable/c/0f000005da31f6947f843ce6b3e3a960540c6e00
Patch
https://git.kernel.org/stable/c/24b699bea7553fc0b98dad9d864befb6005ac7f1
Patch
https://git.kernel.org/stable/c/2ad5692db72874f02b9ad551d26345437ea4f7f3
Patch
https://git.kernel.org/stable/c/41c44e1f3112d7265dae522c026399b2a42d19ef
Patch
https://git.kernel.org/stable/c/5871761c5f0f20d6e98bf3b6bd7486d857589554
Patch
https://git.kernel.org/stable/c/5c17cfe155d21954b4c7e2a78fa771cebcd86725
Patch
https://git.kernel.org/stable/c/90642ee9eb581a13569b1c0bd57e85d962215273
Patch
https://git.kernel.org/stable/c/d7fad2ce15bdbbd0fec3ebe999fd7cab2267f53e
Patch