In the Linux kernel, the following vulnerability has been resolved: platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: fix serdev race The yt2_1380_fc_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops(). This ordering can trigger a NULL pointer dereference in the serdev controller's receive_buf handler, as it assumes serdev->ops is valid when SERPORT_ACTIVE is set. This is similar to the issue fixed in commit 5e700b384ec1 ("platform/chrome: cros_ec_uart: properly fix race condition") where devm_serdev_device_open() was called before fully initializing the device. Fix the race by ensuring client ops are set before enabling the port via devm_serdev_device_open(). Note, serdev_device_set_baudrate() and serdev_device_set_flow_control() calls should be after the devm_serdev_device_open() call.
6.11.0-12.136.11.0-13.146.11.0-14.156.11.0-18.186.11.0-19.196.11.0-21.216.11.0-7.76.11.0-8.86.11.0-9.96.8.0-31.316.11.0-24.246.5.0-9.95.3.0-18.195.3.0-24.265.4.0-9.124.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-2.166.11.0-8.86.12.0-12.126.12.0-15.155.13.0-19.194.13.0-16.193.11.0-12.195.19.0-1007.7~22.04.15.19.0-1009.9~22.04.15.19.0-1010.10~22.04.15.19.0-1011.11~22.04.15.19.0-1012.12~22.04.15.19.0-1013.13~22.04.15.19.0-1014.14~22.04.15.19.0-1015.15~22.04.16.11.0-1002.26.11.0-1004.46.11.0-1005.56.11.0-1006.66.11.0-1007.76.11.0-1008.86.11.0-1009.106.11.0-1010.116.11.0-1011.126.8.0-1008.86.11.0-1012.13Exploitability
AV:LAC:HPR:LUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H