CVE-2022-41849 Information

Description

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open() aka a race condition between ufx_ops_open and ufx_usb_disconnect.

Reference

https://lore.kernel.org/all/20220925133243.GA383897@ubuntu/T/