CVE-2025-21695

MEDIUM 4.7

platform/x86: dell-uart-backlight: fix serdev race

CVSS Score

4.7

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The dell_uart_bl_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops(). This ordering can trigger a NULL pointer dereference in the serdev controller's receive_buf handler, as it assumes serdev->ops is valid when SERPORT_ACTIVE is set. This is similar to the issue fixed in commit 5e700b384ec1 ("platform/chrome: cros_ec_uart: properly fix race condition") where devm_serdev_device_open() was called before fully initializing the device. Fix the race by ensuring client ops are set before enabling the port via devm_serdev_device_open(). Note, serdev_device_set_baudrate() and serdev_device_set_flow_control() calls should be after the devm_serdev_device_open() call.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 12, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

484bae9e4d6acb5eec39e1ea47f9aa43f11b154d < d3a24d923333f75aaece9acb051d676edc0afb75 484bae9e4d6acb5eec39e1ea47f9aa43f11b154d < 1b2128aa2d45ab20b22548dcf4b48906298ca7fd

Linux / Linux

6.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/d3a24d923333f75aaece9acb051d676edc0afb75 git.kernel.org: https://git.kernel.org/stable/c/1b2128aa2d45ab20b22548dcf4b48906298ca7fd