CVE-2021-47525

serial: liteuart: fix use-after-free and memleak on unbind

Published: 5/24/2024 Last updated: 5/4/2025 Reserved: 5/24/2024

In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (2)

Product	Vendor	Version
Linux	Linux	< 10.0.22631.4751
Linux	Linux	< 13.0.1

References (4)

https://git.kernel.org/stable/c/602824cf9aa9db8830ffe5cfb2cd54365cada4fe
https://git.kernel.org/stable/c/05f929b395dec8957b636ff14e66b277ed022ed9
https://git.kernel.org/stable/c/602824cf9aa9db8830ffe5cfb2cd54365cada4fe
https://git.kernel.org/stable/c/05f929b395dec8957b636ff14e66b277ed022ed9