Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-46905— net: hso: fix NULL-deref on disconnect regression

EPSS 0.01% · P1

Affected Version Matrix 17

VendorProductVersion RangeStatus
LinuxLinuxa462067d7c8e6953a733bf5ade8db947b1bb5449< 5871761c5f0f20d6e98bf3b6bd7486d857589554affected
145c89c441d27696961752bf51b323f347601bee< 0c71d4c89559f72cec2592d078681a843bce570eaffected
caf5ac93b3b5d5fac032fc11fbea680e115421b4< 24b699bea7553fc0b98dad9d864befb6005ac7f1affected
92028d7a31e55d53e41cff679156b9432cffcb36< 5c17cfe155d21954b4c7e2a78fa771cebcd86725affected
4a2933c88399c0ebc738db39bbce3ae89786d723< d7fad2ce15bdbbd0fec3ebe999fd7cab2267f53eaffected
dc195928d7e4ec7b5cfc6cd10dc4c8d87a7c72ac< 90642ee9eb581a13569b1c0bd57e85d962215273affected
388d05f70f1ee0cac4a2068fd295072f1a44152a< 0f000005da31f6947f843ce6b3e3a960540c6e00affected
8a12f8836145ffe37e9c8733dce18c22fb668b66< 41c44e1f3112d7265dae522c026399b2a42d19efaffected
… +9 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-46905

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
net: hso: fix NULL-deref on disconnect regression
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unconditional NULL-pointer dereference on every disconnect instead. Specifically, the serial device table must no longer be accessed after the minor has been released by hso_serial_tty_unregister().
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于存在空指针取消引用问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux a462067d7c8e6953a733bf5ade8db947b1bb5449 ~ 5871761c5f0f20d6e98bf3b6bd7486d857589554 -
LinuxLinux 5.12 -

II. Public POCs for CVE-2021-46905

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-46905

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-02-25 · 11 CVEs total

CVE-2023-52465power: supply: Fix null pointer dereference in smb2_probe
CVE-2023-52467mfd: syscon: Fix null pointer dereference in of_syscon_register()
CVE-2023-52468class: fix use-after-free in class_register()
CVE-2023-52469drivers/amd/pm: fix a use-after-free in kv_parse_power_table
CVE-2023-52470drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
CVE-2023-52471ice: Fix some null pointer dereference issues in ice_ptp.c
CVE-2023-52472crypto: rsa - add a check for allocation failure
CVE-2023-52473thermal: core: Fix NULL pointer dereference in zone registration error path
CVE-2021-46904net: hso: fix null-ptr-deref during tty device unregistration
CVE-2022-48626moxart: fix potential use-after-free on remove path

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2021-46905

No comments yet

Leave a comment