vulnerability
Oracle Linux: CVE-2020-15437: ELSA-2021-1578: kernel security, bug fix, and enhancement update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Jul 21, 2020 | May 26, 2021 | Dec 3, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 21, 2020
Added
May 26, 2021
Modified
Dec 3, 2025
Description
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports (0x2E8, 0x2F8, 0x3E8, 0x3F8) are not available. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports (0x2E8, 0x2F8, 0x3E8, 0x3F8) are not available. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.