Linux Kernel TTY Port Race Condition Vulnerability in Serial Driver

A race condition vulnerability has been identified in the Linux kernel's serial driver, specifically related to the handling of TTY ports. This issue arises because the TTY port is not properly linked to the driver before the port is configured for use as a console. As a result, user-space applications can open the console without a TTY connection, potentially leading to a kernel crash. The vulnerability is most noticeable on Qualcomm SoCs with certain devices disabled, allowing for a rapid boot sequence that exposes the issue.

Impact

Failure to link the TTY port with the driver can cause the kernel to crash when the console is accessed.

Reproduction

The vulnerability can be reproduced on a Qualcomm SoC by booting with most devices disabled, which creates a fast boot environment. Once the system is running, the TTYMSM driver will not have its TTY port properly set, leading to a warning and a potential kernel crash.

Remediation

Users should ensure that the TTY port is correctly linked to the driver before it is configured as a console. This can be done by modifying the driver to include the necessary linkage.