A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation.
Many Character devices can trigger this flaw as they leverage the lower levels of the USB subsystem.
The safest method that I have found would be to disable USB ports that are able to be attacked
using this method, disable them first by disallowing them from waking up from low-power states
with the command (Replace X with the port number available).
echo disabled >> /sys/bus/usb/devices/usbX/power/wakeup
The system must also disable the specific ports power after with the command:
echo suspend | sudo tee /sys/bus/usb/devices/usbX/power/level
This change not persist through system reboots and must be applied at each reboot to be effective.