PT-2021-7998 · Linux · Linux Kernel

Published: 2021-04-07 · Updated: 2024-08-21

CVE-2021-46904

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is a NULL pointer dereference during tty device unregistration in the Linux kernel. Multiple ttys try to claim the same minor number, causing a double unregistration of the same device. The first unregistration succeeds, but the next one results in a null-ptr-deref.

The root cause is that get_free_serial_index() returns an available minor number but doesn't assign it immediately. To fix this, get_free_serial_index() was modified to assign the minor number immediately after one is found and renamed to obtain_minor() to better reflect its function. Similarly, set_serial_by_index() was renamed to release_minor() and modified to free up the minor number of the given hso_serial. Every obtain_minor() call should have a corresponding release_minor() call.

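The allocation pattern described above, as a simplified user-space C model (an added example, not the kernel's code). The table, its size, the struct layout and the two *_collides helpers are constructed for illustration, and the find-and-claim step is assumed to run without interruption.

```c
#include <stddef.h>
#define MAX_MINORS 4                       /* constructed table size */
struct serial { int minor; };              /* stand-in for hso_serial */
static struct serial *table[MAX_MINORS];   /* minor -> owning device */

/* Before the fix: report a free minor but leave the slot unassigned. */
static int get_free_serial_index(void)
{
    for (int i = 0; i < MAX_MINORS; i++)
        if (table[i] == NULL)
            return i;
    return -1;
}

/* After the fix: find and claim the slot in one step (modelled as atomic). */
static int obtain_minor(struct serial *s)
{
    int i = get_free_serial_index();
    if (i < 0) return -1;
    table[i] = s;
    s->minor = i;
    return 0;
}

/* Counterpart of obtain_minor(): free the minor held by this device only. */
static void release_minor(struct serial *s)
{
    if (s->minor >= 0 && s->minor < MAX_MINORS && table[s->minor] == s)
        table[s->minor] = NULL;
    s->minor = -1;
}

/* Two devices look up a minor before either records it: 1 = same minor. */
static int old_flow_collides(void)
{
    int a = get_free_serial_index();
    int b = get_free_serial_index();       /* slot 'a' still looks free */
    return a == b;
}

/* The same two devices using obtain_minor(): 1 = same minor or failure. */
static int new_flow_collides(void)
{
    struct serial a = { -1 }, b = { -1 };
    int same = obtain_minor(&a) || obtain_minor(&b) || a.minor == b.minor;
    release_minor(&a); release_minor(&b);  /* every obtain has a release */
    return same;
}

int main(void) { return !(old_flow_collides() && !new_flow_collides()); }
```

In the old flow both devices end up holding minor 0, which is the precondition for the double unregistration; in the new flow they hold 0 and 1.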
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2024-01700
CVE-2021-46904
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024_0857-1
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1669-1
SUSE-SU-2024:1870-1
SUSE-SU-2024_1669-1
USN-6971-1
USN-6976-1

Affected Products

Astra Linux
Linux Kernel
Suse
Ubuntu