drivers/input/serio/serport.c can lead to kernel panic in serio code followed by jbd's panic (probably due to random memory write, I don't now) and/or system lockup. Steps to exploit it: process 1: open() a tty device; TIOCSETD it to N_MOUSE; read() it. it will block. after that, process 2: open() the same device; TIOCSETD it to 0; TIOCSETD it to N_MOUSE; (not sure if it's necessary) kill() process 1;
*** This bug has been marked as a duplicate of 131672 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.