Description
In the Linux kernel, the following vulnerability has been resolved: tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() When the driver fails at alloc_hdlcdev(), and then we remove the driver module, we will get the following splat: [ 25.065966] general protection fault, probably for non-canonical address 0xdffffc0000000182: 0000 [#1] PREEMPT SMP KASAN PTI [ 25.066914] KASAN: null-ptr-deref in range [0x0000000000000c10-0x0000000000000c17] [ 25.069262] RIP: 0010:detach_hdlc_protocol+0x2a/0x3e0 [ 25.077709] Call Trace: [ 25.077924] <TASK> [ 25.078108] unregister_hdlc_device+0x16/0x30 [ 25.078481] slgt_cleanup+0x157/0x9f0 [synclink_gt] Fix this by checking whether the 'info->netdev' is a null pointer first.
References (9)
Core 9
Core References
Scores
CVSS v3
5.5
EPSS
0.0028
EPSS Percentile
19.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (29)
linux/Kernel
2.6.16 - 4.9.318linux
linux/Kernel
4.10.0 - 4.14.283linux
linux/Kernel
4.15.0 - 4.19.247linux
linux/Kernel
4.20.0 - 5.4.198linux
linux/Kernel
5.11.0 - 5.15.47linux
linux/Kernel
5.16.0 - 5.17.15linux
linux/Kernel
5.18.0 - 5.18.4linux
linux/Kernel
5.5.0 - 5.10.122linux
Linux/Linux
< 2.6.16
Linux/Linux
2.6.16
... and 19 more
Published
Feb 26, 2025
Tracked Since
Feb 18, 2026