Red Hat Bugzilla – Bug 133109
input/serio local DOS
Last modified: 2013-03-06 00:57:31 EST
drivers/input/serio/serport.c can lead to kernel panic in serio code
followed by jbd's panic (probably due to random memory write, I don't
now) and/or system lockup.
Steps to exploit it:
open() a tty device;
TIOCSETD it to N_MOUSE;
read() it. it will block.
after that, process 2:
open() the same device;
TIOCSETD it to 0;
TIOCSETD it to N_MOUSE; (not sure if it's necessary)
kill() process 1;
*** This bug has been marked as a duplicate of 131672 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.