4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%
A use-after-free flaw was found in bq24190_remove in drivers/power/supply/bq24190_charger.c in the power subsystem in the Linux Kernel. This flaw allows a local attacker to crash the system due to a race problem.
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module bq24190-charger. For instructions relating to how to blacklist a kernel module, refer to: <https://access.redhat.com/solutions/41278>