CVE-2021-46904

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: hso: fix null-ptr-deref during tty device unregistration<br /> <br /> Multiple ttys try to claim the same the minor number causing a double<br /> unregistration of the same device. The first unregistration succeeds<br /> but the next one results in a null-ptr-deref.<br /> <br /> The get_free_serial_index() function returns an available minor number<br /> but doesn&amp;#39;t assign it immediately. The assignment is done by the caller<br /> later. But before this assignment, calls to get_free_serial_index()<br /> would return the same minor number.<br /> <br /> Fix this by modifying get_free_serial_index to assign the minor number<br /> immediately after one is found to be and rename it to obtain_minor()<br /> to better reflect what it does. Similary, rename set_serial_by_index()<br /> to release_minor() and modify it to free up the minor number of the<br /> given hso_serial. Every obtain_minor() should have corresponding<br /> release_minor() call.