NULL Pointer Dereference Vulnerability in Linux Kernel's serial8250_isa_init_ports() Function

CVE-2020-15437 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.